diff --git a/docs/redoc/index.html b/docs/redoc/index.html index 13a01d6e..b4358915 100644 --- a/docs/redoc/index.html +++ b/docs/redoc/index.html @@ -12,123 +12,529 @@ margin: 0; } - "},this.getStyleTags=function(){return e.sealed?S(2):e._emitSheetCSS()},this.getStyleElement=function(){var t;if(e.sealed)return S(2);var n=((t={})[w]="",t["data-styled-version"]="5.1.1",t.dangerouslySetInnerHTML={__html:e.instance.toString()},t),r=E();return r&&(n.nonce=r),[i.a.createElement("style",d({},n,{key:"sc-0-0"}))]},this.seal=function(){e.sealed=!0},this.instance=new q({isServer:!0}),this.sealed=!1}var t=e.prototype;return t.collectStyles=function(e){return this.sealed?S(2):i.a.createElement(ne,{sheet:this.instance},e)},t.interleaveWithNodeStream=function(e){return S(3)},e}(),De=function(e){var t=i.a.forwardRef((function(t,n){var r=Object(o.useContext)(Se),a=e.defaultProps,s=xe(t,r,a);return i.a.createElement(e,d({},t,{theme:s,ref:n}))}));return f()(t,e),t.displayName="WithTheme("+b(e)+")",t},Fe=function(){return Object(o.useContext)(Se)},ze={StyleSheet:q,masterSheet:J},Ue="5.1.1";t.default=Pe}.call(this,n(17))},function(e,t,n){"use strict";(function(e){ +/*! + * The buffer module from node.js, for the browser. + * + * @author Feross Aboukhadijeh + * @license MIT + */ +var r=n(241),o=n(242),i=n(129);function a(){return l.TYPED_ARRAY_SUPPORT?2147483647:1073741823}function s(e,t){if(a()=a())throw new RangeError("Attempt to allocate Buffer larger than maximum size: 0x"+a().toString(16)+" bytes");return 0|e}function h(e,t){if(l.isBuffer(e))return e.length;if("undefined"!=typeof ArrayBuffer&&"function"==typeof ArrayBuffer.isView&&(ArrayBuffer.isView(e)||e instanceof ArrayBuffer))return e.byteLength;"string"!=typeof e&&(e=""+e);var n=e.length;if(0===n)return 0;for(var r=!1;;)switch(t){case"ascii":case"latin1":case"binary":return n;case"utf8":case"utf-8":case void 0:return U(e).length;case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return 2*n;case"hex":return n>>>1;case"base64":return B(e).length;default:if(r)return U(e).length;t=(""+t).toLowerCase(),r=!0}}function m(e,t,n){var r=!1;if((void 0===t||t<0)&&(t=0),t>this.length)return"";if((void 0===n||n>this.length)&&(n=this.length),n<=0)return"";if((n>>>=0)<=(t>>>=0))return"";for(e||(e="utf8");;)switch(e){case"hex":return A(this,t,n);case"utf8":case"utf-8":return S(this,t,n);case"ascii":return T(this,t,n);case"latin1":case"binary":return j(this,t,n);case"base64":return E(this,t,n);case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return C(this,t,n);default:if(r)throw new TypeError("Unknown encoding: "+e);e=(e+"").toLowerCase(),r=!0}}function g(e,t,n){var r=e[t];e[t]=e[n],e[n]=r}function v(e,t,n,r,o){if(0===e.length)return-1;if("string"==typeof n?(r=n,n=0):n>2147483647?n=2147483647:n<-2147483648&&(n=-2147483648),n=+n,isNaN(n)&&(n=o?0:e.length-1),n<0&&(n=e.length+n),n>=e.length){if(o)return-1;n=e.length-1}else if(n<0){if(!o)return-1;n=0}if("string"==typeof t&&(t=l.from(t,r)),l.isBuffer(t))return 0===t.length?-1:y(e,t,n,r,o);if("number"==typeof t)return t&=255,l.TYPED_ARRAY_SUPPORT&&"function"==typeof Uint8Array.prototype.indexOf?o?Uint8Array.prototype.indexOf.call(e,t,n):Uint8Array.prototype.lastIndexOf.call(e,t,n):y(e,[t],n,r,o);throw new TypeError("val must be string, number or Buffer")}function y(e,t,n,r,o){var i,a=1,s=e.length,l=t.length;if(void 0!==r&&("ucs2"===(r=String(r).toLowerCase())||"ucs-2"===r||"utf16le"===r||"utf-16le"===r)){if(e.length<2||t.length<2)return-1;a=2,s/=2,l/=2,n/=2}function c(e,t){return 1===a?e[t]:e.readUInt16BE(t*a)}if(o){var u=-1;for(i=n;is&&(n=s-l),i=n;i>=0;i--){for(var p=!0,f=0;fo&&(r=o):r=o;var i=t.length;if(i%2!=0)throw new TypeError("Invalid hex string");r>i/2&&(r=i/2);for(var a=0;a>8,o=n%256,i.push(o),i.push(r);return i}(t,e.length-n),e,n,r)}function E(e,t,n){return 0===t&&n===e.length?r.fromByteArray(e):r.fromByteArray(e.slice(t,n))}function S(e,t,n){n=Math.min(e.length,n);for(var r=[],o=t;o239?4:c>223?3:c>191?2:1;if(o+p<=n)switch(p){case 1:c<128&&(u=c);break;case 2:128==(192&(i=e[o+1]))&&(l=(31&c)<<6|63&i)>127&&(u=l);break;case 3:i=e[o+1],a=e[o+2],128==(192&i)&&128==(192&a)&&(l=(15&c)<<12|(63&i)<<6|63&a)>2047&&(l<55296||l>57343)&&(u=l);break;case 4:i=e[o+1],a=e[o+2],s=e[o+3],128==(192&i)&&128==(192&a)&&128==(192&s)&&(l=(15&c)<<18|(63&i)<<12|(63&a)<<6|63&s)>65535&&l<1114112&&(u=l)}null===u?(u=65533,p=1):u>65535&&(u-=65536,r.push(u>>>10&1023|55296),u=56320|1023&u),r.push(u),o+=p}return function(e){var t=e.length;if(t<=4096)return String.fromCharCode.apply(String,e);var n="",r=0;for(;r0&&(e=this.toString("hex",0,n).match(/.{2}/g).join(" "),this.length>n&&(e+=" ... ")),""},l.prototype.compare=function(e,t,n,r,o){if(!l.isBuffer(e))throw new TypeError("Argument must be a Buffer");if(void 0===t&&(t=0),void 0===n&&(n=e?e.length:0),void 0===r&&(r=0),void 0===o&&(o=this.length),t<0||n>e.length||r<0||o>this.length)throw new RangeError("out of range index");if(r>=o&&t>=n)return 0;if(r>=o)return-1;if(t>=n)return 1;if(this===e)return 0;for(var i=(o>>>=0)-(r>>>=0),a=(n>>>=0)-(t>>>=0),s=Math.min(i,a),c=this.slice(r,o),u=e.slice(t,n),p=0;po)&&(n=o),e.length>0&&(n<0||t<0)||t>this.length)throw new RangeError("Attempt to write outside buffer bounds");r||(r="utf8");for(var i=!1;;)switch(r){case"hex":return b(this,e,t,n);case"utf8":case"utf-8":return x(this,e,t,n);case"ascii":return w(this,e,t,n);case"latin1":case"binary":return _(this,e,t,n);case"base64":return k(this,e,t,n);case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return O(this,e,t,n);default:if(i)throw new TypeError("Unknown encoding: "+r);r=(""+r).toLowerCase(),i=!0}},l.prototype.toJSON=function(){return{type:"Buffer",data:Array.prototype.slice.call(this._arr||this,0)}};function T(e,t,n){var r="";n=Math.min(e.length,n);for(var o=t;or)&&(n=r);for(var o="",i=t;in)throw new RangeError("Trying to access beyond buffer length")}function P(e,t,n,r,o,i){if(!l.isBuffer(e))throw new TypeError('"buffer" argument must be a Buffer instance');if(t>o||te.length)throw new RangeError("Index out of range")}function R(e,t,n,r){t<0&&(t=65535+t+1);for(var o=0,i=Math.min(e.length-n,2);o>>8*(r?o:1-o)}function N(e,t,n,r){t<0&&(t=4294967295+t+1);for(var o=0,i=Math.min(e.length-n,4);o>>8*(r?o:3-o)&255}function L(e,t,n,r,o,i){if(n+r>e.length)throw new RangeError("Index out of range");if(n<0)throw new RangeError("Index out of range")}function M(e,t,n,r,i){return i||L(e,0,n,4),o.write(e,t,n,r,23,4),n+4}function D(e,t,n,r,i){return i||L(e,0,n,8),o.write(e,t,n,r,52,8),n+8}l.prototype.slice=function(e,t){var n,r=this.length;if((e=~~e)<0?(e+=r)<0&&(e=0):e>r&&(e=r),(t=void 0===t?r:~~t)<0?(t+=r)<0&&(t=0):t>r&&(t=r),t0&&(o*=256);)r+=this[e+--t]*o;return r},l.prototype.readUInt8=function(e,t){return t||I(e,1,this.length),this[e]},l.prototype.readUInt16LE=function(e,t){return t||I(e,2,this.length),this[e]|this[e+1]<<8},l.prototype.readUInt16BE=function(e,t){return t||I(e,2,this.length),this[e]<<8|this[e+1]},l.prototype.readUInt32LE=function(e,t){return t||I(e,4,this.length),(this[e]|this[e+1]<<8|this[e+2]<<16)+16777216*this[e+3]},l.prototype.readUInt32BE=function(e,t){return t||I(e,4,this.length),16777216*this[e]+(this[e+1]<<16|this[e+2]<<8|this[e+3])},l.prototype.readIntLE=function(e,t,n){e|=0,t|=0,n||I(e,t,this.length);for(var r=this[e],o=1,i=0;++i=(o*=128)&&(r-=Math.pow(2,8*t)),r},l.prototype.readIntBE=function(e,t,n){e|=0,t|=0,n||I(e,t,this.length);for(var r=t,o=1,i=this[e+--r];r>0&&(o*=256);)i+=this[e+--r]*o;return i>=(o*=128)&&(i-=Math.pow(2,8*t)),i},l.prototype.readInt8=function(e,t){return t||I(e,1,this.length),128&this[e]?-1*(255-this[e]+1):this[e]},l.prototype.readInt16LE=function(e,t){t||I(e,2,this.length);var n=this[e]|this[e+1]<<8;return 32768&n?4294901760|n:n},l.prototype.readInt16BE=function(e,t){t||I(e,2,this.length);var n=this[e+1]|this[e]<<8;return 32768&n?4294901760|n:n},l.prototype.readInt32LE=function(e,t){return t||I(e,4,this.length),this[e]|this[e+1]<<8|this[e+2]<<16|this[e+3]<<24},l.prototype.readInt32BE=function(e,t){return t||I(e,4,this.length),this[e]<<24|this[e+1]<<16|this[e+2]<<8|this[e+3]},l.prototype.readFloatLE=function(e,t){return t||I(e,4,this.length),o.read(this,e,!0,23,4)},l.prototype.readFloatBE=function(e,t){return t||I(e,4,this.length),o.read(this,e,!1,23,4)},l.prototype.readDoubleLE=function(e,t){return t||I(e,8,this.length),o.read(this,e,!0,52,8)},l.prototype.readDoubleBE=function(e,t){return t||I(e,8,this.length),o.read(this,e,!1,52,8)},l.prototype.writeUIntLE=function(e,t,n,r){(e=+e,t|=0,n|=0,r)||P(this,e,t,n,Math.pow(2,8*n)-1,0);var o=1,i=0;for(this[t]=255&e;++i=0&&(i*=256);)this[t+o]=e/i&255;return t+n},l.prototype.writeUInt8=function(e,t,n){return e=+e,t|=0,n||P(this,e,t,1,255,0),l.TYPED_ARRAY_SUPPORT||(e=Math.floor(e)),this[t]=255&e,t+1},l.prototype.writeUInt16LE=function(e,t,n){return e=+e,t|=0,n||P(this,e,t,2,65535,0),l.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8):R(this,e,t,!0),t+2},l.prototype.writeUInt16BE=function(e,t,n){return e=+e,t|=0,n||P(this,e,t,2,65535,0),l.TYPED_ARRAY_SUPPORT?(this[t]=e>>>8,this[t+1]=255&e):R(this,e,t,!1),t+2},l.prototype.writeUInt32LE=function(e,t,n){return e=+e,t|=0,n||P(this,e,t,4,4294967295,0),l.TYPED_ARRAY_SUPPORT?(this[t+3]=e>>>24,this[t+2]=e>>>16,this[t+1]=e>>>8,this[t]=255&e):N(this,e,t,!0),t+4},l.prototype.writeUInt32BE=function(e,t,n){return e=+e,t|=0,n||P(this,e,t,4,4294967295,0),l.TYPED_ARRAY_SUPPORT?(this[t]=e>>>24,this[t+1]=e>>>16,this[t+2]=e>>>8,this[t+3]=255&e):N(this,e,t,!1),t+4},l.prototype.writeIntLE=function(e,t,n,r){if(e=+e,t|=0,!r){var o=Math.pow(2,8*n-1);P(this,e,t,n,o-1,-o)}var i=0,a=1,s=0;for(this[t]=255&e;++i>0)-s&255;return t+n},l.prototype.writeIntBE=function(e,t,n,r){if(e=+e,t|=0,!r){var o=Math.pow(2,8*n-1);P(this,e,t,n,o-1,-o)}var i=n-1,a=1,s=0;for(this[t+i]=255&e;--i>=0&&(a*=256);)e<0&&0===s&&0!==this[t+i+1]&&(s=1),this[t+i]=(e/a>>0)-s&255;return t+n},l.prototype.writeInt8=function(e,t,n){return e=+e,t|=0,n||P(this,e,t,1,127,-128),l.TYPED_ARRAY_SUPPORT||(e=Math.floor(e)),e<0&&(e=255+e+1),this[t]=255&e,t+1},l.prototype.writeInt16LE=function(e,t,n){return e=+e,t|=0,n||P(this,e,t,2,32767,-32768),l.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8):R(this,e,t,!0),t+2},l.prototype.writeInt16BE=function(e,t,n){return e=+e,t|=0,n||P(this,e,t,2,32767,-32768),l.TYPED_ARRAY_SUPPORT?(this[t]=e>>>8,this[t+1]=255&e):R(this,e,t,!1),t+2},l.prototype.writeInt32LE=function(e,t,n){return e=+e,t|=0,n||P(this,e,t,4,2147483647,-2147483648),l.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8,this[t+2]=e>>>16,this[t+3]=e>>>24):N(this,e,t,!0),t+4},l.prototype.writeInt32BE=function(e,t,n){return e=+e,t|=0,n||P(this,e,t,4,2147483647,-2147483648),e<0&&(e=4294967295+e+1),l.TYPED_ARRAY_SUPPORT?(this[t]=e>>>24,this[t+1]=e>>>16,this[t+2]=e>>>8,this[t+3]=255&e):N(this,e,t,!1),t+4},l.prototype.writeFloatLE=function(e,t,n){return M(this,e,t,!0,n)},l.prototype.writeFloatBE=function(e,t,n){return M(this,e,t,!1,n)},l.prototype.writeDoubleLE=function(e,t,n){return D(this,e,t,!0,n)},l.prototype.writeDoubleBE=function(e,t,n){return D(this,e,t,!1,n)},l.prototype.copy=function(e,t,n,r){if(n||(n=0),r||0===r||(r=this.length),t>=e.length&&(t=e.length),t||(t=0),r>0&&r=this.length)throw new RangeError("sourceStart out of bounds");if(r<0)throw new RangeError("sourceEnd out of bounds");r>this.length&&(r=this.length),e.length-t=0;--o)e[o+t]=this[o+n];else if(i<1e3||!l.TYPED_ARRAY_SUPPORT)for(o=0;o>>=0,n=void 0===n?this.length:n>>>0,e||(e=0),"number"==typeof e)for(i=t;i55295&&n<57344){if(!o){if(n>56319){(t-=3)>-1&&i.push(239,191,189);continue}if(a+1===r){(t-=3)>-1&&i.push(239,191,189);continue}o=n;continue}if(n<56320){(t-=3)>-1&&i.push(239,191,189),o=n;continue}n=65536+(o-55296<<10|n-56320)}else o&&(t-=3)>-1&&i.push(239,191,189);if(o=null,n<128){if((t-=1)<0)break;i.push(n)}else if(n<2048){if((t-=2)<0)break;i.push(n>>6|192,63&n|128)}else if(n<65536){if((t-=3)<0)break;i.push(n>>12|224,n>>6&63|128,63&n|128)}else{if(!(n<1114112))throw new Error("Invalid code point");if((t-=4)<0)break;i.push(n>>18|240,n>>12&63|128,n>>6&63|128,63&n|128)}}return i}function B(e){return r.toByteArray(function(e){if((e=function(e){return e.trim?e.trim():e.replace(/^\s+|\s+$/g,"")}(e).replace(F,"")).length<2)return"";for(;e.length%4!=0;)e+="=";return e}(e))}function $(e,t,n,r){for(var o=0;o=t.length||o>=e.length);++o)t[o+n]=e[o];return o}}).call(this,n(6))},function(e,t,n){var r=n(7);e.exports=!r((function(){return 7!=Object.defineProperty({},1,{get:function(){return 7}})[1]}))},function(e,t,n){var r=n(15),o=n(100),i=n(19),a=n(50),s=Object.defineProperty;t.f=r?s:function(e,t,n){if(i(e),t=a(t,!0),i(n),o)try{return s(e,t,n)}catch(e){}if("get"in n||"set"in n)throw TypeError("Accessors not supported");return"value"in n&&(e[t]=n.value),e}},function(e,t){var n,r,o=e.exports={};function i(){throw new Error("setTimeout has not been defined")}function a(){throw new Error("clearTimeout has not been defined")}function s(e){if(n===setTimeout)return setTimeout(e,0);if((n===i||!n)&&setTimeout)return n=setTimeout,setTimeout(e,0);try{return n(e,0)}catch(t){try{return n.call(null,e,0)}catch(t){return n.call(this,e,0)}}}!function(){try{n="function"==typeof setTimeout?setTimeout:i}catch(e){n=i}try{r="function"==typeof clearTimeout?clearTimeout:a}catch(e){r=a}}();var l,c=[],u=!1,p=-1;function f(){u&&l&&(u=!1,l.length?c=l.concat(c):p=-1,c.length&&d())}function d(){if(!u){var e=s(f);u=!0;for(var t=c.length;t;){for(l=c,c=[];++p1)for(var n=1;n=0?e.substr(t).toLowerCase():""},t.getHash=function(e){var t=e.indexOf("#");return t>=0?e.substr(t):"#"},t.stripHash=function(e){var t=e.indexOf("#");return t>=0&&(e=e.substr(0,t)),e},t.isHttp=function(e){var t=s.getProtocol(e);return"http"===t||"https"===t||void 0===t&&r.browser},t.isFileSystemPath=function(e){if(r.browser)return!1;var t=s.getProtocol(e);return void 0===t||"file"===t},t.fromFileSystemPath=function(e){o&&(e=e.replace(/\\/g,"/")),e=encodeURI(e);for(var t=0;t2?r:e).apply(void 0,o)}}e.memoize=a,e.debounce=s,e.bind=l,e.default={memoize:a,debounce:s,bind:l}})?r.apply(t,o):r)||(e.exports=i)},function(e,t){var n={}.toString;e.exports=function(e){return n.call(e).slice(8,-1)}},function(e,t,n){var r=n(78),o=n(41);e.exports=function(e){return r(o(e))}},function(e,t,n){var r=n(24),o=n(3),i=function(e){return"function"==typeof e?e:void 0};e.exports=function(e,t){return arguments.length<2?i(r[e])||i(o[e]):r[e]&&r[e][t]||o[e]&&o[e][t]}},function(e,t,n){var r=n(16).f,o=n(10),i=n(4)("toStringTag");e.exports=function(e,t,n){e&&!o(e=n?e:e.prototype,i)&&r(e,i,{configurable:!0,value:t})}},function(e,t,n){"use strict";var r=n(267),o=Array.prototype.slice,i=["name","message","stack"],a=["name","message","description","number","code","fileName","lineNumber","columnNumber","sourceURL","line","column","stack"];function s(t){return function(n,r,i,a){var s=[],p="";"string"==typeof n?(s=o.call(arguments),n=r=void 0):"string"==typeof r?(s=o.call(arguments,1),r=void 0):"string"==typeof i&&(s=o.call(arguments,2)),s.length>0&&(p=e.exports.formatter.apply(null,s)),n&&n.message&&(p+=(p?" \n":"")+n.message);var f=new t(p);return l(f,n),c(f),u(f,r),f}}function l(e,t){!function(e,t){!function(e){if(!m)return!1;var t=Object.getOwnPropertyDescriptor(e,"stack");if(!t)return!1;return"function"==typeof t.get}(e)?e.stack=t?d(e.stack,t.stack):h(e.stack):t?function(e,t){var n=Object.getOwnPropertyDescriptor(e,"stack");Object.defineProperty(e,"stack",{get:function(){return d(n.get.apply(e),t.stack)},enumerable:!1,configurable:!0})}(e,t):(n=e,r=Object.getOwnPropertyDescriptor(n,"stack"),Object.defineProperty(n,"stack",{get:function(){return h(r.get.apply(n))},enumerable:!1,configurable:!0}));var n,r}(e,t),u(e,t)}function c(e){e.toJSON=p,e.inspect=f}function u(e,t){if(t&&"object"==typeof t)for(var n=Object.keys(t),r=0;r=0))try{e[o]=t[o]}catch(e){}}}function p(){var e={},t=Object.keys(this);t=t.concat(a);for(var n=0;n=0)return t.splice(n,1),t.join("\n")}return e}}e.exports=s(Error),e.exports.error=s(Error),e.exports.eval=s(EvalError),e.exports.range=s(RangeError),e.exports.reference=s(ReferenceError),e.exports.syntax=s(SyntaxError),e.exports.type=s(TypeError),e.exports.uri=s(URIError),e.exports.formatter=r;var m=!(!Object.getOwnPropertyDescriptor||!Object.defineProperty||"undefined"!=typeof navigator&&/Android/.test(navigator.userAgent))},function(e,t){"function"==typeof Object.create?e.exports=function(e,t){t&&(e.super_=t,e.prototype=Object.create(t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}))}:e.exports=function(e,t){if(t){e.super_=t;var n=function(){};n.prototype=t.prototype,e.prototype=new n,e.prototype.constructor=e}}},function(e,t,n){var r,o,i,a=n(161),s=n(3),l=n(8),c=n(22),u=n(10),p=n(52),f=n(40),d=s.WeakMap;if(a){var h=new d,m=h.get,g=h.has,v=h.set;r=function(e,t){return v.call(h,e,t),t},o=function(e){return m.call(h,e)||{}},i=function(e){return g.call(h,e)}}else{var y=p("state");f[y]=!0,r=function(e,t){return c(e,y,t),t},o=function(e){return u(e,y)?e[y]:{}},i=function(e){return u(e,y)}}e.exports={set:r,get:o,has:i,enforce:function(e){return i(e)?o(e):r(e,{})},getterFor:function(e){return function(t){var n;if(!l(t)||(n=o(t)).type!==e)throw TypeError("Incompatible receiver, "+e+" required");return n}}}},function(e,t,n){var r=n(15),o=n(53),i=n(39),a=n(28),s=n(50),l=n(10),c=n(100),u=Object.getOwnPropertyDescriptor;t.f=r?u:function(e,t){if(e=a(e),t=s(t,!0),c)try{return u(e,t)}catch(e){}if(l(e,t))return i(!o.f.call(e,t),e[t])}},function(e,t,n){var r=n(76),o=Math.min;e.exports=function(e){return e>0?o(r(e),9007199254740991):0}},function(e,t,n){"use strict";var r=n(46),o=n(57),i=n(5);function a(e,t,n){var r=[];return e.include.forEach((function(e){n=a(e,t,n)})),e[t].forEach((function(e){n.forEach((function(t,n){t.tag===e.tag&&t.kind===e.kind&&r.push(n)})),n.push(e)})),n.filter((function(e,t){return-1===r.indexOf(t)}))}function s(e){this.include=e.include||[],this.implicit=e.implicit||[],this.explicit=e.explicit||[],this.implicit.forEach((function(e){if(e.loadKind&&"scalar"!==e.loadKind)throw new o("There is a non-scalar type in the implicit list of a schema. Implicit resolving of such types is not supported.")})),this.compiledImplicit=a(this,"implicit",[]),this.compiledExplicit=a(this,"explicit",[]),this.compiledTypeMap=function(){var e,t,n={scalar:{},sequence:{},mapping:{},fallback:{}};function r(e){n[e.kind][e.tag]=n.fallback[e.tag]=e}for(e=0,t=arguments.length;e=u.reach);k+=_.value.length,_=_.next){var O=_.value;if(n.length>t.length)return;if(!(O instanceof o)){var E=1;if(v&&_!=n.tail.prev){if(w.lastIndex=k,!(C=w.exec(t)))break;var S=C.index+(g&&C[1]?C[1].length:0),T=C.index+C[0].length,j=k;for(j+=_.value.length;S>=j;)_=_.next,j+=_.value.length;if(j-=_.value.length,k=j,_.value instanceof o)continue;for(var A=_;A!==n.tail&&(ju.reach&&(u.reach=N);var L=_.prev;P&&(L=a(n,L,P),k+=P.length),s(n,L,E);var M=new o(p,m?r.tokenize(I,m):I,b,I);_=a(n,L,M),R&&a(n,_,R),E>1&&e(t,n,i,_.prev,k,{cause:p+","+d,reach:N})}}}}}}(e,c,t,c.head,0),function(e){var t=[],n=e.head.next;for(;n!==e.tail;)t.push(n.value),n=n.next;return t}(c)},hooks:{all:{},add:function(e,t){var n=r.hooks.all;n[e]=n[e]||[],n[e].push(t)},run:function(e,t){var n=r.hooks.all[e];if(n&&n.length)for(var o,i=0;o=n[i++];)o(t)}},Token:o};function o(e,t,n,r){this.type=e,this.content=t,this.alias=n,this.length=0|(r||"").length}function i(){var e={value:null,prev:null,next:null},t={value:null,prev:e,next:null};e.next=t,this.head=e,this.tail=t,this.length=0}function a(e,t,n){var r=t.next,o={value:n,prev:t,next:r};return t.next=o,r.prev=o,e.length++,o}function s(e,t,n){for(var r=t.next,o=0;o"+i.content+""},!e.document)return e.addEventListener?(r.disableWorkerMessageHandler||e.addEventListener("message",(function(t){var n=JSON.parse(t.data),o=n.language,i=n.code,a=n.immediateClose;e.postMessage(r.highlight(i,r.languages[o],o)),a&&e.close()}),!1),r):r;var l=r.util.currentScript();function c(){r.manual||r.highlightAll()}if(l&&(r.filename=l.src,l.hasAttribute("data-manual")&&(r.manual=!0)),!r.manual){var u=document.readyState;"loading"===u||"interactive"===u&&l&&l.defer?document.addEventListener("DOMContentLoaded",c):window.requestAnimationFrame?window.requestAnimationFrame(c):window.setTimeout(c,16)}return r}("undefined"!=typeof window?window:"undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?self:{}); +/** + * Prism: Lightweight, robust, elegant syntax highlighting + * + * @license MIT + * @author Lea Verou + * @namespace + * @public + */e.exports&&(e.exports=n),void 0!==t&&(t.Prism=n),n.languages.markup={comment://,prolog:/<\?[\s\S]+?\?>/,doctype:{pattern:/"'[\]]|"[^"]*"|'[^']*')+(?:\[(?:[^<"'\]]|"[^"]*"|'[^']*'|<(?!!--)|)*\]\s*)?>/i,greedy:!0,inside:{"internal-subset":{pattern:/(\[)[\s\S]+(?=\]>$)/,lookbehind:!0,greedy:!0,inside:null},string:{pattern:/"[^"]*"|'[^']*'/,greedy:!0},punctuation:/^$|[[\]]/,"doctype-tag":/^DOCTYPE/,name:/[^\s<>'"]+/}},cdata://i,tag:{pattern:/<\/?(?!\d)[^\s>\/=$<%]+(?:\s(?:\s*[^\s>\/=]+(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+(?=[\s>]))|(?=[\s/>])))+)?\s*\/?>/,greedy:!0,inside:{tag:{pattern:/^<\/?[^\s>\/]+/,inside:{punctuation:/^<\/?/,namespace:/^[^\s>\/:]+:/}},"attr-value":{pattern:/=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+)/,inside:{punctuation:[{pattern:/^=/,alias:"attr-equals"},/"|'/]}},punctuation:/\/?>/,"attr-name":{pattern:/[^\s>\/]+/,inside:{namespace:/^[^\s>\/:]+:/}}}},entity:[{pattern:/&[\da-z]{1,8};/i,alias:"named-entity"},/&#x?[\da-f]{1,8};/i]},n.languages.markup.tag.inside["attr-value"].inside.entity=n.languages.markup.entity,n.languages.markup.doctype.inside["internal-subset"].inside=n.languages.markup,n.hooks.add("wrap",(function(e){"entity"===e.type&&(e.attributes.title=e.content.replace(/&/,"&"))})),Object.defineProperty(n.languages.markup.tag,"addInlined",{value:function(e,t){var r={};r["language-"+t]={pattern:/(^$)/i,lookbehind:!0,inside:n.languages[t]},r.cdata=/^$/i;var o={"included-cdata":{pattern://i,inside:r}};o["language-"+t]={pattern:/[\s\S]+/,inside:n.languages[t]};var i={};i[e]={pattern:RegExp(/(<__[\s\S]*?>)(?:))*\]\]>|(?!)/.source.replace(/__/g,(function(){return e})),"i"),lookbehind:!0,greedy:!0,inside:o},n.languages.insertBefore("markup","cdata",i)}}),n.languages.html=n.languages.markup,n.languages.mathml=n.languages.markup,n.languages.svg=n.languages.markup,n.languages.xml=n.languages.extend("markup",{}),n.languages.ssml=n.languages.xml,n.languages.atom=n.languages.xml,n.languages.rss=n.languages.xml,function(e){var t=/("|')(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/;e.languages.css={comment:/\/\*[\s\S]*?\*\//,atrule:{pattern:/@[\w-]+[\s\S]*?(?:;|(?=\s*\{))/,inside:{rule:/^@[\w-]+/,"selector-function-argument":{pattern:/(\bselector\s*\((?!\s*\))\s*)(?:[^()]|\((?:[^()]|\([^()]*\))*\))+?(?=\s*\))/,lookbehind:!0,alias:"selector"},keyword:{pattern:/(^|[^\w-])(?:and|not|only|or)(?![\w-])/,lookbehind:!0}}},url:{pattern:RegExp("\\burl\\((?:"+t.source+"|"+/(?:[^\\\r\n()"']|\\[\s\S])*/.source+")\\)","i"),greedy:!0,inside:{function:/^url/i,punctuation:/^\(|\)$/,string:{pattern:RegExp("^"+t.source+"$"),alias:"url"}}},selector:RegExp("[^{}\\s](?:[^{};\"']|"+t.source+")*?(?=\\s*\\{)"),string:{pattern:t,greedy:!0},property:/[-_a-z\xA0-\uFFFF][-\w\xA0-\uFFFF]*(?=\s*:)/i,important:/!important\b/i,function:/[-a-z0-9]+(?=\()/i,punctuation:/[(){};:,]/},e.languages.css.atrule.inside.rest=e.languages.css;var n=e.languages.markup;n&&(n.tag.addInlined("style","css"),e.languages.insertBefore("inside","attr-value",{"style-attr":{pattern:/\s*style=("|')(?:\\[\s\S]|(?!\1)[^\\])*\1/i,inside:{"attr-name":{pattern:/^\s*style/i,inside:n.tag.inside},punctuation:/^\s*=\s*['"]|['"]\s*$/,"attr-value":{pattern:/.+/i,inside:e.languages.css}},alias:"language-css"}},n.tag))}(n),n.languages.clike={comment:[{pattern:/(^|[^\\])\/\*[\s\S]*?(?:\*\/|$)/,lookbehind:!0},{pattern:/(^|[^\\:])\/\/.*/,lookbehind:!0,greedy:!0}],string:{pattern:/(["'])(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/,greedy:!0},"class-name":{pattern:/(\b(?:class|interface|extends|implements|trait|instanceof|new)\s+|\bcatch\s+\()[\w.\\]+/i,lookbehind:!0,inside:{punctuation:/[.\\]/}},keyword:/\b(?:if|else|while|do|for|return|in|instanceof|function|new|try|throw|catch|finally|null|break|continue)\b/,boolean:/\b(?:true|false)\b/,function:/\w+(?=\()/,number:/\b0x[\da-f]+\b|(?:\b\d+\.?\d*|\B\.\d+)(?:e[+-]?\d+)?/i,operator:/[<>]=?|[!=]=?=?|--?|\+\+?|&&?|\|\|?|[?*/~^%]/,punctuation:/[{}[\];(),.:]/},n.languages.javascript=n.languages.extend("clike",{"class-name":[n.languages.clike["class-name"],{pattern:/(^|[^$\w\xA0-\uFFFF])[_$A-Z\xA0-\uFFFF][$\w\xA0-\uFFFF]*(?=\.(?:prototype|constructor))/,lookbehind:!0}],keyword:[{pattern:/((?:^|})\s*)(?:catch|finally)\b/,lookbehind:!0},{pattern:/(^|[^.]|\.\.\.\s*)\b(?:as|async(?=\s*(?:function\b|\(|[$\w\xA0-\uFFFF]|$))|await|break|case|class|const|continue|debugger|default|delete|do|else|enum|export|extends|for|from|function|(?:get|set)(?=\s*[\[$\w\xA0-\uFFFF])|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)\b/,lookbehind:!0}],number:/\b(?:(?:0[xX](?:[\dA-Fa-f](?:_[\dA-Fa-f])?)+|0[bB](?:[01](?:_[01])?)+|0[oO](?:[0-7](?:_[0-7])?)+)n?|(?:\d(?:_\d)?)+n|NaN|Infinity)\b|(?:\b(?:\d(?:_\d)?)+\.?(?:\d(?:_\d)?)*|\B\.(?:\d(?:_\d)?)+)(?:[Ee][+-]?(?:\d(?:_\d)?)+)?/,function:/#?[_$a-zA-Z\xA0-\uFFFF][$\w\xA0-\uFFFF]*(?=\s*(?:\.\s*(?:apply|bind|call)\s*)?\()/,operator:/--|\+\+|\*\*=?|=>|&&=?|\|\|=?|[!=]==|<<=?|>>>?=?|[-+*/%&|^!=<>]=?|\.{3}|\?\?=?|\?\.?|[~:]/}),n.languages.javascript["class-name"][0].pattern=/(\b(?:class|interface|extends|implements|instanceof|new)\s+)[\w.\\]+/,n.languages.insertBefore("javascript","keyword",{regex:{pattern:/((?:^|[^$\w\xA0-\uFFFF."'\])\s]|\b(?:return|yield))\s*)\/(?:\[(?:[^\]\\\r\n]|\\.)*]|\\.|[^/\\\[\r\n])+\/[gimyus]{0,6}(?=(?:\s|\/\*(?:[^*]|\*(?!\/))*\*\/)*(?:$|[\r\n,.;:})\]]|\/\/))/,lookbehind:!0,greedy:!0,inside:{"regex-source":{pattern:/^(\/)[\s\S]+(?=\/[a-z]*$)/,lookbehind:!0,alias:"language-regex",inside:n.languages.regex},"regex-flags":/[a-z]+$/,"regex-delimiter":/^\/|\/$/}},"function-variable":{pattern:/#?[_$a-zA-Z\xA0-\uFFFF][$\w\xA0-\uFFFF]*(?=\s*[=:]\s*(?:async\s*)?(?:\bfunction\b|(?:\((?:[^()]|\([^()]*\))*\)|[_$a-zA-Z\xA0-\uFFFF][$\w\xA0-\uFFFF]*)\s*=>))/,alias:"function"},parameter:[{pattern:/(function(?:\s+[_$A-Za-z\xA0-\uFFFF][$\w\xA0-\uFFFF]*)?\s*\(\s*)(?!\s)(?:[^()]|\([^()]*\))+?(?=\s*\))/,lookbehind:!0,inside:n.languages.javascript},{pattern:/[_$a-z\xA0-\uFFFF][$\w\xA0-\uFFFF]*(?=\s*=>)/i,inside:n.languages.javascript},{pattern:/(\(\s*)(?!\s)(?:[^()]|\([^()]*\))+?(?=\s*\)\s*=>)/,lookbehind:!0,inside:n.languages.javascript},{pattern:/((?:\b|\s|^)(?!(?:as|async|await|break|case|catch|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally|for|from|function|get|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|set|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)(?![$\w\xA0-\uFFFF]))(?:[_$A-Za-z\xA0-\uFFFF][$\w\xA0-\uFFFF]*\s*)\(\s*|\]\s*\(\s*)(?!\s)(?:[^()]|\([^()]*\))+?(?=\s*\)\s*\{)/,lookbehind:!0,inside:n.languages.javascript}],constant:/\b[A-Z](?:[A-Z_]|\dx?)*\b/}),n.languages.insertBefore("javascript","string",{"template-string":{pattern:/`(?:\\[\s\S]|\${(?:[^{}]|{(?:[^{}]|{[^}]*})*})+}|(?!\${)[^\\`])*`/,greedy:!0,inside:{"template-punctuation":{pattern:/^`|`$/,alias:"string"},interpolation:{pattern:/((?:^|[^\\])(?:\\{2})*)\${(?:[^{}]|{(?:[^{}]|{[^}]*})*})+}/,lookbehind:!0,inside:{"interpolation-punctuation":{pattern:/^\${|}$/,alias:"punctuation"},rest:n.languages.javascript}},string:/[\s\S]+/}}}),n.languages.markup&&n.languages.markup.tag.addInlined("script","javascript"),n.languages.js=n.languages.javascript,function(){if("undefined"!=typeof self&&self.Prism&&self.document){var e=window.Prism,t={js:"javascript",py:"python",rb:"ruby",ps1:"powershell",psm1:"powershell",sh:"bash",bat:"batch",h:"c",tex:"latex"},n='pre[data-src]:not([data-src-status="loaded"]):not([data-src-status="loading"])',r=/\blang(?:uage)?-([\w-]+)\b/i;e.hooks.add("before-highlightall",(function(e){e.selector+=", "+n})),e.hooks.add("before-sanity-check",(function(r){var o=r.element;if(o.matches(n)){r.code="",o.setAttribute("data-src-status","loading");var a=o.appendChild(document.createElement("CODE"));a.textContent="Loading…";var s=o.getAttribute("data-src"),l=r.language;if("none"===l){var c=(/\.(\w+)$/.exec(s)||[,"none"])[1];l=t[c]||c}i(a,l),i(o,l);var u=e.plugins.autoloader;u&&u.loadLanguages(l);var p=new XMLHttpRequest;p.open("GET",s,!0),p.onreadystatechange=function(){var t,n;4==p.readyState&&(p.status<400&&p.responseText?(o.setAttribute("data-src-status","loaded"),a.textContent=p.responseText,e.highlightElement(a)):(o.setAttribute("data-src-status","failed"),p.status>=400?a.textContent=(t=p.status,n=p.statusText,"✖ Error "+t+" while fetching file: "+n):a.textContent="✖ Error: File does not exist or is empty"))},p.send(null)}})),e.plugins.fileHighlight={highlight:function(t){for(var r,o=(t||document).querySelectorAll(n),i=0;r=o[i++];)e.highlightElement(r)}};var o=!1;e.fileHighlight=function(){o||(console.warn("Prism.fileHighlight is deprecated. Use `Prism.plugins.fileHighlight.highlight` instead."),o=!0),e.plugins.fileHighlight.highlight.apply(this,arguments)}}function i(e,t){var n=e.className;n=n.replace(r," ")+" language-"+t,e.className=n.replace(/\s+/g," ").trim()}}()}).call(this,n(6))},function(e,t){e.exports=function(e,t){return{enumerable:!(1&e),configurable:!(2&e),writable:!(4&e),value:t}}},function(e,t){e.exports={}},function(e,t){e.exports=function(e){if(null==e)throw TypeError("Can't call method on "+e);return e}},function(e,t,n){var r=n(41);e.exports=function(e){return Object(r(e))}},function(e,t){e.exports={}},function(e,t){e.exports=function(e){if("function"!=typeof e)throw TypeError(String(e)+" is not a function");return e}},function(e,t,n){var r=n(44);e.exports=function(e,t,n){if(r(e),void 0===t)return e;switch(n){case 0:return function(){return e.call(t)};case 1:return function(n){return e.call(t,n)};case 2:return function(n,r){return e.call(t,n,r)};case 3:return function(n,r,o){return e.call(t,n,r,o)}}return function(){return e.apply(t,arguments)}}},function(e,t,n){"use strict";function r(e){return null==e}e.exports.isNothing=r,e.exports.isObject=function(e){return"object"==typeof e&&null!==e},e.exports.toArray=function(e){return Array.isArray(e)?e:r(e)?[]:[e]},e.exports.repeat=function(e,t){var n,r="";for(n=0;n=0;r--){var o=e[r];"."===o?e.splice(r,1):".."===o?(e.splice(r,1),n++):n&&(e.splice(r,1),n--)}if(t)for(;n--;n)e.unshift("..");return e}function r(e,t){if(e.filter)return e.filter(t);for(var n=[],r=0;r=-1&&!o;i--){var a=i>=0?arguments[i]:e.cwd();if("string"!=typeof a)throw new TypeError("Arguments to path.resolve must be strings");a&&(t=a+"/"+t,o="/"===a.charAt(0))}return(o?"/":"")+(t=n(r(t.split("/"),(function(e){return!!e})),!o).join("/"))||"."},t.normalize=function(e){var i=t.isAbsolute(e),a="/"===o(e,-1);return(e=n(r(e.split("/"),(function(e){return!!e})),!i).join("/"))||i||(e="."),e&&a&&(e+="/"),(i?"/":"")+e},t.isAbsolute=function(e){return"/"===e.charAt(0)},t.join=function(){var e=Array.prototype.slice.call(arguments,0);return t.normalize(r(e,(function(e,t){if("string"!=typeof e)throw new TypeError("Arguments to path.join must be strings");return e})).join("/"))},t.relative=function(e,n){function r(e){for(var t=0;t=0&&""===e[n];n--);return t>n?[]:e.slice(t,n-t+1)}e=t.resolve(e).substr(1),n=t.resolve(n).substr(1);for(var o=r(e.split("/")),i=r(n.split("/")),a=Math.min(o.length,i.length),s=a,l=0;l=1;--i)if(47===(t=e.charCodeAt(i))){if(!o){r=i;break}}else o=!1;return-1===r?n?"/":".":n&&1===r?"/":e.slice(0,r)},t.basename=function(e,t){var n=function(e){"string"!=typeof e&&(e+="");var t,n=0,r=-1,o=!0;for(t=e.length-1;t>=0;--t)if(47===e.charCodeAt(t)){if(!o){n=t+1;break}}else-1===r&&(o=!1,r=t+1);return-1===r?"":e.slice(n,r)}(e);return t&&n.substr(-1*t.length)===t&&(n=n.substr(0,n.length-t.length)),n},t.extname=function(e){"string"!=typeof e&&(e+="");for(var t=-1,n=0,r=-1,o=!0,i=0,a=e.length-1;a>=0;--a){var s=e.charCodeAt(a);if(47!==s)-1===r&&(o=!1,r=a+1),46===s?-1===t?t=a:1!==i&&(i=1):-1!==t&&(i=-1);else if(!o){n=a+1;break}}return-1===t||-1===r||0===i||1===i&&t===r-1&&t===n+1?"":e.slice(t,r)};var o="b"==="ab".substr(-1)?function(e,t,n){return e.substr(t,n)}:function(e,t,n){return t<0&&(t=e.length+t),e.substr(t,n)}}).call(this,n(17))},function(e,t,n){(function(t){!function(t){"use strict";var n={newline:/^\n+/,code:/^( {4}[^\n]+\n*)+/,fences:/^ {0,3}(`{3,}|~{3,})([^`~\n]*)\n(?:|([\s\S]*?)\n)(?: {0,3}\1[~`]* *(?:\n+|$)|$)/,hr:/^ {0,3}((?:- *){3,}|(?:_ *){3,}|(?:\* *){3,})(?:\n+|$)/,heading:/^ {0,3}(#{1,6}) +([^\n]*?)(?: +#+)? *(?:\n+|$)/,blockquote:/^( {0,3}> ?(paragraph|[^\n]*)(?:\n|$))+/,list:/^( {0,3})(bull) [\s\S]+?(?:hr|def|\n{2,}(?! )(?!\1bull )\n*|\s*$)/,html:"^ {0,3}(?:<(script|pre|style)[\\s>][\\s\\S]*?(?:[^\\n]*\\n+|$)|comment[^\\n]*(\\n+|$)|<\\?[\\s\\S]*?\\?>\\n*|\\n*|\\n*|)[\\s\\S]*?(?:\\n{2,}|$)|<(?!script|pre|style)([a-z][\\w-]*)(?:attribute)*? */?>(?=[ \\t]*(?:\\n|$))[\\s\\S]*?(?:\\n{2,}|$)|(?=[ \\t]*(?:\\n|$))[\\s\\S]*?(?:\\n{2,}|$))",def:/^ {0,3}\[(label)\]: *\n? *]+)>?(?:(?: +\n? *| *\n *)(title))? *(?:\n+|$)/,nptable:g,table:g,lheading:/^([^\n]+)\n {0,3}(=+|-+) *(?:\n+|$)/,_paragraph:/^([^\n]+(?:\n(?!hr|heading|lheading|blockquote|fences|list|html)[^\n]+)*)/,text:/^[^\n]+/};function r(e){this.tokens=[],this.tokens.links=Object.create(null),this.options=e||_.defaults,this.rules=n.normal,this.options.pedantic?this.rules=n.pedantic:this.options.gfm&&(this.rules=n.gfm)}n._label=/(?!\s*\])(?:\\[\[\]]|[^\[\]])+/,n._title=/(?:"(?:\\"?|[^"\\])*"|'[^'\n]*(?:\n[^'\n]+)*\n?'|\([^()]*\))/,n.def=f(n.def).replace("label",n._label).replace("title",n._title).getRegex(),n.bullet=/(?:[*+-]|\d{1,9}\.)/,n.item=/^( *)(bull) ?[^\n]*(?:\n(?!\1bull ?)[^\n]*)*/,n.item=f(n.item,"gm").replace(/bull/g,n.bullet).getRegex(),n.list=f(n.list).replace(/bull/g,n.bullet).replace("hr","\\n+(?=\\1?(?:(?:- *){3,}|(?:_ *){3,}|(?:\\* *){3,})(?:\\n+|$))").replace("def","\\n+(?="+n.def.source+")").getRegex(),n._tag="address|article|aside|base|basefont|blockquote|body|caption|center|col|colgroup|dd|details|dialog|dir|div|dl|dt|fieldset|figcaption|figure|footer|form|frame|frameset|h[1-6]|head|header|hr|html|iframe|legend|li|link|main|menu|menuitem|meta|nav|noframes|ol|optgroup|option|p|param|section|source|summary|table|tbody|td|tfoot|th|thead|title|tr|track|ul",n._comment=//,n.html=f(n.html,"i").replace("comment",n._comment).replace("tag",n._tag).replace("attribute",/ +[a-zA-Z:_][\w.:-]*(?: *= *"[^"\n]*"| *= *'[^'\n]*'| *= *[^\s"'=<>`]+)?/).getRegex(),n.paragraph=f(n._paragraph).replace("hr",n.hr).replace("heading"," {0,3}#{1,6} +").replace("|lheading","").replace("blockquote"," {0,3}>").replace("fences"," {0,3}(?:`{3,}|~{3,})[^`\\n]*\\n").replace("list"," {0,3}(?:[*+-]|1[.)]) ").replace("html",")|<(?:script|pre|style|!--)").replace("tag",n._tag).getRegex(),n.blockquote=f(n.blockquote).replace("paragraph",n.paragraph).getRegex(),n.normal=v({},n),n.gfm=v({},n.normal,{nptable:/^ *([^|\n ].*\|.*)\n *([-:]+ *\|[-| :]*)(?:\n((?:.*[^>\n ].*(?:\n|$))*)\n*|$)/,table:/^ *\|(.+)\n *\|?( *[-:]+[-| :]*)(?:\n((?: *[^>\n ].*(?:\n|$))*)\n*|$)/}),n.pedantic=v({},n.normal,{html:f("^ *(?:comment *(?:\\n|\\s*$)|<(tag)[\\s\\S]+? *(?:\\n{2,}|\\s*$)|\\s]*)*?/?> *(?:\\n{2,}|\\s*$))").replace("comment",n._comment).replace(/tag/g,"(?!(?:a|em|strong|small|s|cite|q|dfn|abbr|data|time|code|var|samp|kbd|sub|sup|i|b|u|mark|ruby|rt|rp|bdi|bdo|span|br|wbr|ins|del|img)\\b)\\w+(?!:|[^\\w\\s@]*@)\\b").getRegex(),def:/^ *\[([^\]]+)\]: *]+)>?(?: +(["(][^\n]+[")]))? *(?:\n+|$)/,heading:/^ *(#{1,6}) *([^\n]+?) *(?:#+ *)?(?:\n+|$)/,fences:g,paragraph:f(n.normal._paragraph).replace("hr",n.hr).replace("heading"," *#{1,6} *[^\n]").replace("lheading",n.lheading).replace("blockquote"," {0,3}>").replace("|fences","").replace("|list","").replace("|html","").getRegex()}),r.rules=n,r.lex=function(e,t){return new r(t).lex(e)},r.prototype.lex=function(e){return e=e.replace(/\r\n|\r/g,"\n").replace(/\t/g," ").replace(/\u00a0/g," ").replace(/\u2424/g,"\n"),this.token(e,!0)},r.prototype.token=function(e,t){var r,o,i,a,s,l,c,p,f,d,h,m,g,v,x,w;for(e=e.replace(/^ +$/gm,"");e;)if((i=this.rules.newline.exec(e))&&(e=e.substring(i[0].length),i[0].length>1&&this.tokens.push({type:"space"})),i=this.rules.code.exec(e)){var _=this.tokens[this.tokens.length-1];e=e.substring(i[0].length),_&&"paragraph"===_.type?_.text+="\n"+i[0].trimRight():(i=i[0].replace(/^ {4}/gm,""),this.tokens.push({type:"code",codeBlockStyle:"indented",text:this.options.pedantic?i:b(i,"\n")}))}else if(i=this.rules.fences.exec(e))e=e.substring(i[0].length),this.tokens.push({type:"code",lang:i[2]?i[2].trim():i[2],text:i[3]||""});else if(i=this.rules.heading.exec(e))e=e.substring(i[0].length),this.tokens.push({type:"heading",depth:i[1].length,text:i[2]});else if((i=this.rules.nptable.exec(e))&&(l={type:"table",header:y(i[1].replace(/^ *| *\| *$/g,"")),align:i[2].replace(/^ *|\| *$/g,"").split(/ *\| */),cells:i[3]?i[3].replace(/\n$/,"").split("\n"):[]}).header.length===l.align.length){for(e=e.substring(i[0].length),h=0;h ?/gm,""),this.token(i,t),this.tokens.push({type:"blockquote_end"});else if(i=this.rules.list.exec(e)){for(e=e.substring(i[0].length),c={type:"list_start",ordered:v=(a=i[2]).length>1,start:v?+a:"",loose:!1},this.tokens.push(c),p=[],r=!1,g=(i=i[0].match(this.rules.item)).length,h=0;h1?1===s.length:s.length>1||this.options.smartLists&&s!==a)&&(e=i.slice(h+1).join("\n")+e,h=g-1)),o=r||/\n\n(?!\s*$)/.test(l),h!==g-1&&(r="\n"===l.charAt(l.length-1),o||(o=r)),o&&(c.loose=!0),w=void 0,(x=/^\[[ xX]\] /.test(l))&&(w=" "!==l[1],l=l.replace(/^\[[ xX]\] +/,"")),f={type:"list_item_start",task:x,checked:w,loose:o},p.push(f),this.tokens.push(f),this.token(l,!1),this.tokens.push({type:"list_item_end"});if(c.loose)for(g=p.length,h=0;h?@\[\]\\^_`{|}~])/,autolink:/^<(scheme:[^\s\x00-\x1f<>]*|email)>/,url:g,tag:"^comment|^|^<[a-zA-Z][\\w-]*(?:attribute)*?\\s*/?>|^<\\?[\\s\\S]*?\\?>|^|^",link:/^!?\[(label)\]\(\s*(href)(?:\s+(title))?\s*\)/,reflink:/^!?\[(label)\]\[(?!\s*\])((?:\\[\[\]]?|[^\[\]\\])+)\]/,nolink:/^!?\[(?!\s*\])((?:\[[^\[\]]*\]|\\[\[\]]|[^\[\]])*)\](?:\[\])?/,strong:/^__([^\s_])__(?!_)|^\*\*([^\s*])\*\*(?!\*)|^__([^\s][\s\S]*?[^\s])__(?!_)|^\*\*([^\s][\s\S]*?[^\s])\*\*(?!\*)/,em:/^_([^\s_])_(?!_)|^\*([^\s*<\[])\*(?!\*)|^_([^\s<][\s\S]*?[^\s_])_(?!_|[^\spunctuation])|^_([^\s_<][\s\S]*?[^\s])_(?!_|[^\spunctuation])|^\*([^\s<"][\s\S]*?[^\s\*])\*(?!\*|[^\spunctuation])|^\*([^\s*"<\[][\s\S]*?[^\s])\*(?!\*)/,code:/^(`+)([^`]|[^`][\s\S]*?[^`])\1(?!`)/,br:/^( {2,}|\\)\n(?!\s*$)/,del:g,text:/^(`+|[^`])(?:[\s\S]*?(?:(?=[\\?@\\[^_{|}~",o.em=f(o.em).replace(/punctuation/g,o._punctuation).getRegex(),o._escapes=/\\([!"#$%&'()*+,\-./:;<=>?@\[\]\\^_`{|}~])/g,o._scheme=/[a-zA-Z][a-zA-Z0-9+.-]{1,31}/,o._email=/[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+(@)[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)+(?![-_])/,o.autolink=f(o.autolink).replace("scheme",o._scheme).replace("email",o._email).getRegex(),o._attribute=/\s+[a-zA-Z:_][\w.:-]*(?:\s*=\s*"[^"]*"|\s*=\s*'[^']*'|\s*=\s*[^\s"'=<>`]+)?/,o.tag=f(o.tag).replace("comment",n._comment).replace("attribute",o._attribute).getRegex(),o._label=/(?:\[[^\[\]]*\]|\\.|`[^`]*`|[^\[\]\\`])*?/,o._href=/<(?:\\[<>]?|[^\s<>\\])*>|[^\s\x00-\x1f]*/,o._title=/"(?:\\"?|[^"\\])*"|'(?:\\'?|[^'\\])*'|\((?:\\\)?|[^)\\])*\)/,o.link=f(o.link).replace("label",o._label).replace("href",o._href).replace("title",o._title).getRegex(),o.reflink=f(o.reflink).replace("label",o._label).getRegex(),o.normal=v({},o),o.pedantic=v({},o.normal,{strong:/^__(?=\S)([\s\S]*?\S)__(?!_)|^\*\*(?=\S)([\s\S]*?\S)\*\*(?!\*)/,em:/^_(?=\S)([\s\S]*?\S)_(?!_)|^\*(?=\S)([\s\S]*?\S)\*(?!\*)/,link:f(/^!?\[(label)\]\((.*?)\)/).replace("label",o._label).getRegex(),reflink:f(/^!?\[(label)\]\s*\[([^\]]*)\]/).replace("label",o._label).getRegex()}),o.gfm=v({},o.normal,{escape:f(o.escape).replace("])","~|])").getRegex(),_extended_email:/[A-Za-z0-9._+-]+(@)[a-zA-Z0-9-_]+(?:\.[a-zA-Z0-9-_]*[a-zA-Z0-9])+(?![-_])/,url:/^((?:ftp|https?):\/\/|www\.)(?:[a-zA-Z0-9\-]+\.?)+[^\s<]*|^email/,_backpedal:/(?:[^?!.,:;*_~()&]+|\([^)]*\)|&(?![a-zA-Z0-9]+;$)|[?!.,:;*_~)]+(?!$))+/,del:/^~+(?=\S)([\s\S]*?\S)~+/,text:/^(`+|[^`])(?:[\s\S]*?(?:(?=[\\/i.test(a[0])&&(this.inLink=!1),!this.inRawBlock&&/^<(pre|code|kbd|script)(\s|>)/i.test(a[0])?this.inRawBlock=!0:this.inRawBlock&&/^<\/(pre|code|kbd|script)(\s|>)/i.test(a[0])&&(this.inRawBlock=!1),e=e.substring(a[0].length),l+=this.options.sanitize?this.options.sanitizer?this.options.sanitizer(a[0]):u(a[0]):a[0];else if(a=this.rules.link.exec(e)){var c=x(a[2],"()");if(c>-1){var p=4+a[1].length+c;a[2]=a[2].substring(0,c),a[0]=a[0].substring(0,p).trim(),a[3]=""}e=e.substring(a[0].length),this.inLink=!0,r=a[2],this.options.pedantic?(t=/^([^'"]*[^\s])\s+(['"])(.*)\2/.exec(r))?(r=t[1],o=t[3]):o="":o=a[3]?a[3].slice(1,-1):"",r=r.trim().replace(/^<([\s\S]*)>$/,"$1"),l+=this.outputLink(a,{href:i.escapes(r),title:i.escapes(o)}),this.inLink=!1}else if((a=this.rules.reflink.exec(e))||(a=this.rules.nolink.exec(e))){if(e=e.substring(a[0].length),t=(a[2]||a[1]).replace(/\s+/g," "),!(t=this.links[t.toLowerCase()])||!t.href){l+=a[0].charAt(0),e=a[0].substring(1)+e;continue}this.inLink=!0,l+=this.outputLink(a,t),this.inLink=!1}else if(a=this.rules.strong.exec(e))e=e.substring(a[0].length),l+=this.renderer.strong(this.output(a[4]||a[3]||a[2]||a[1]));else if(a=this.rules.em.exec(e))e=e.substring(a[0].length),l+=this.renderer.em(this.output(a[6]||a[5]||a[4]||a[3]||a[2]||a[1]));else if(a=this.rules.code.exec(e))e=e.substring(a[0].length),l+=this.renderer.codespan(u(a[2].trim(),!0));else if(a=this.rules.br.exec(e))e=e.substring(a[0].length),l+=this.renderer.br();else if(a=this.rules.del.exec(e))e=e.substring(a[0].length),l+=this.renderer.del(this.output(a[1]));else if(a=this.rules.autolink.exec(e))e=e.substring(a[0].length),r="@"===a[2]?"mailto:"+(n=u(this.mangle(a[1]))):n=u(a[1]),l+=this.renderer.link(r,null,n);else if(this.inLink||!(a=this.rules.url.exec(e))){if(a=this.rules.text.exec(e))e=e.substring(a[0].length),this.inRawBlock?l+=this.renderer.text(this.options.sanitize?this.options.sanitizer?this.options.sanitizer(a[0]):u(a[0]):a[0]):l+=this.renderer.text(u(this.smartypants(a[0])));else if(e)throw new Error("Infinite loop on byte: "+e.charCodeAt(0))}else{if("@"===a[2])r="mailto:"+(n=u(a[0]));else{do{s=a[0],a[0]=this.rules._backpedal.exec(a[0])[0]}while(s!==a[0]);n=u(a[0]),r="www."===a[1]?"http://"+n:n}e=e.substring(a[0].length),l+=this.renderer.link(r,null,n)}return l},i.escapes=function(e){return e?e.replace(i.rules._escapes,"$1"):e},i.prototype.outputLink=function(e,t){var n=t.href,r=t.title?u(t.title):null;return"!"!==e[0].charAt(0)?this.renderer.link(n,r,this.output(e[1])):this.renderer.image(n,r,u(e[1]))},i.prototype.smartypants=function(e){return this.options.smartypants?e.replace(/---/g,"—").replace(/--/g,"–").replace(/(^|[-\u2014/(\[{"\s])'/g,"$1‘").replace(/'/g,"’").replace(/(^|[-\u2014/(\[{\u2018\s])"/g,"$1“").replace(/"/g,"”").replace(/\.{3}/g,"…"):e},i.prototype.mangle=function(e){if(!this.options.mangle)return e;for(var t,n="",r=e.length,o=0;o.5&&(t="x"+t.toString(16)),n+="&#"+t+";";return n},a.prototype.code=function(e,t,n){var r=(t||"").match(/\S*/)[0];if(this.options.highlight){var o=this.options.highlight(e,r);null!=o&&o!==e&&(n=!0,e=o)}return r?'
'+(n?e:u(e,!0))+"
\n":"
"+(n?e:u(e,!0))+"
"},a.prototype.blockquote=function(e){return"
\n"+e+"
\n"},a.prototype.html=function(e){return e},a.prototype.heading=function(e,t,n,r){return this.options.headerIds?"'+e+"\n":""+e+"\n"},a.prototype.hr=function(){return this.options.xhtml?"
\n":"
\n"},a.prototype.list=function(e,t,n){var r=t?"ol":"ul";return"<"+r+(t&&1!==n?' start="'+n+'"':"")+">\n"+e+"\n"},a.prototype.listitem=function(e){return"
  • "+e+"
  • \n"},a.prototype.checkbox=function(e){return" "},a.prototype.paragraph=function(e){return"

    "+e+"

    \n"},a.prototype.table=function(e,t){return t&&(t=""+t+""),"\n\n"+e+"\n"+t+"
    \n"},a.prototype.tablerow=function(e){return"\n"+e+"\n"},a.prototype.tablecell=function(e,t){var n=t.header?"th":"td";return(t.align?"<"+n+' align="'+t.align+'">':"<"+n+">")+e+"\n"},a.prototype.strong=function(e){return""+e+""},a.prototype.em=function(e){return""+e+""},a.prototype.codespan=function(e){return""+e+""},a.prototype.br=function(){return this.options.xhtml?"
    ":"
    "},a.prototype.del=function(e){return""+e+""},a.prototype.link=function(e,t,n){if(null===(e=d(this.options.sanitize,this.options.baseUrl,e)))return n;var r='"},a.prototype.image=function(e,t,n){if(null===(e=d(this.options.sanitize,this.options.baseUrl,e)))return n;var r=''+n+'":">"},a.prototype.text=function(e){return e},s.prototype.strong=s.prototype.em=s.prototype.codespan=s.prototype.del=s.prototype.text=function(e){return e},s.prototype.link=s.prototype.image=function(e,t,n){return""+n},s.prototype.br=function(){return""},l.parse=function(e,t){return new l(t).parse(e)},l.prototype.parse=function(e){this.inline=new i(e.links,this.options),this.inlineText=new i(e.links,v({},this.options,{renderer:new s})),this.tokens=e.reverse();for(var t="";this.next();)t+=this.tok();return t},l.prototype.next=function(){return this.token=this.tokens.pop(),this.token},l.prototype.peek=function(){return this.tokens[this.tokens.length-1]||0},l.prototype.parseText=function(){for(var e=this.token.text;"text"===this.peek().type;)e+="\n"+this.next().text;return this.inline.output(e)},l.prototype.tok=function(){switch(this.token.type){case"space":return"";case"hr":return this.renderer.hr();case"heading":return this.renderer.heading(this.inline.output(this.token.text),this.token.depth,p(this.inlineText.output(this.token.text)),this.slugger);case"code":return this.renderer.code(this.token.text,this.token.lang,this.token.escaped);case"table":var e,t,n,r,o="",i="";for(n="",e=0;e?@[\]^`{|}~]/g,"").replace(/\s/g,"-");if(this.seen.hasOwnProperty(t)){var n=t;do{this.seen[n]++,t=n+"-"+this.seen[n]}while(this.seen.hasOwnProperty(t))}return this.seen[t]=0,t},u.escapeTest=/[&<>"']/,u.escapeReplace=/[&<>"']/g,u.replacements={"&":"&","<":"<",">":">",'"':""","'":"'"},u.escapeTestNoEncode=/[<>"']|&(?!#?\w+;)/,u.escapeReplaceNoEncode=/[<>"']|&(?!#?\w+;)/g;var h={},m=/^$|^[a-z][a-z0-9+.-]*:|^[?#]/i;function g(){}function v(e){for(var t,n,r=1;r=0&&"\\"===n[o];)r=!r;return r?"|":" |"})).split(/ \|/),r=0;if(n.length>t)n.splice(t);else for(;n.lengthAn error occurred:

    "+u(e.message+"",!0)+"
    ";throw e}}g.exec=g,_.options=_.setOptions=function(e){return v(_.defaults,e),_},_.getDefaults=function(){return{baseUrl:null,breaks:!1,gfm:!0,headerIds:!0,headerPrefix:"",highlight:null,langPrefix:"language-",mangle:!0,pedantic:!1,renderer:new a,sanitize:!1,sanitizer:null,silent:!1,smartLists:!1,smartypants:!1,xhtml:!1}},_.defaults=_.getDefaults(),_.Parser=l,_.parser=l.parse,_.Renderer=a,_.TextRenderer=s,_.Lexer=r,_.lexer=r.lex,_.InlineLexer=i,_.inlineLexer=i.output,_.Slugger=c,_.parse=_,e.exports=_}(this||"undefined"!=typeof window&&window)}).call(this,n(6))},function(e,t,n){var r=n(8);e.exports=function(e,t){if(!r(e))return e;var n,o;if(t&&"function"==typeof(n=e.toString)&&!r(o=n.call(e)))return o;if("function"==typeof(n=e.valueOf)&&!r(o=n.call(e)))return o;if(!t&&"function"==typeof(n=e.toString)&&!r(o=n.call(e)))return o;throw TypeError("Can't convert object to primitive value")}},function(e,t){var n=0,r=Math.random();e.exports=function(e){return"Symbol("+String(void 0===e?"":e)+")_"+(++n+r).toString(36)}},function(e,t,n){var r=n(71),o=n(51),i=r("keys");e.exports=function(e){return i[e]||(i[e]=o(e))}},function(e,t,n){"use strict";var r={}.propertyIsEnumerable,o=Object.getOwnPropertyDescriptor,i=o&&!r.call({1:2},1);t.f=i?function(e){var t=o(this,e);return!!t&&t.enumerable}:r},function(e,t,n){var r,o=n(19),i=n(169),a=n(80),s=n(40),l=n(108),c=n(73),u=n(52),p=u("IE_PROTO"),f=function(){},d=function(e){return" -

    Enterprise Mission Assurance Support Service (eMASS) (v3.2)

    Download OpenAPI specification:Download

    The Enterprise Mission Assurance Support Service (eMASS) Representational State + " fill="currentColor">

    Enterprise Mission Assurance Support Service (eMASS) (v3.12)

    Download OpenAPI specification:Download

    The Enterprise Mission Assurance Support Service (eMASS) Representational State Transfer (REST) Application Programming Interface (API) enables users to perform -assessments and complete actions associated with system records. This command-line -interface (CLI) tool implements all of the eMASS endpoints defined in the eMASS -REST API v3.2, dated October 21, 2021.

    -

    Register CLI
    -New users will need to register an API key with the eMASS development team prior to -accessing the site for the first time. The eMASS REST API requires a client certificate -(SSL/TLS, DoD PKI only) where {url}/api/register (POST) is used to register the client -certificate.

    -

    Every call to the eMASS REST API will require the use of the agreed upon public key -certificate and API key. The API key must be provided in the request header for all -endpoint calls (api-key). If the service receives an untrusted certificate or API key, a -401 error response code will be returned along with an error message.

    -

    Available Request Headers:

    +assessments and complete actions associated with system records.

    +

    Register External Application (that use the eMASS API)
    +New users will need to register +an API key with the eMASS development team prior to accessing the site for the first time. The eMASS REST API +requires a client certificate (SSL/TLS, DoD PKI only). Use the Registration POST endpoint to register the client +certificate. The endpoint returns the user api-key.

    +

    Every call to the eMASS REST API will require the use of the agreed upon public key certificate and API key. +The API key must be provided in the request header for all endpoint calls (api-key). If the service receives +an untrusted certificate or API key, a 401 error response code will be returned along with an error message.

    +

    Available Request Headers

    @@ -479,126 +611,139 @@


    Approve API Client for Actionable Requests
    Users are required to log-in to eMASS and grant permissions for a client to update data within eMASS on their behalf. This is only required for actionable requests (PUT, POST, -DELETE). The Registration Endpoint and all GET requests can be accessed without -completing this process with the correct permissions. Please note that leaving a field -parameter blank (for PUT/POST requests) has the potential to clear information in the -active eMASS records.

    +DELETE). The Registration Endpoint and all GET requests can be accessed without completing +this process with the correct permissions. Please note that leaving a field parameter blank +(for PUT/POST requests) has the potential to clear information in the active eMASS records.

    To establish an account with eMASS and/or acquire an api-key/user-uid, contact one of the listed POC:

    -

    Authentication

    apikey

    The API key must be provided in the request header for all endpoint calls.
    See the

    -
    key
    Security Scheme Type API Key
    Header parameter name: api-key

    userid

    This User unique identifier key must be provided in the request header for all PUT, POST, and DELETE endpoint calls.

    -
    Security Scheme Type API Key
    Header parameter name: user-uid

    Test

    The Test Connection endpoint provides the ability to verify connection to the web service.

    -

    Test connection to the API

    Returns endpoint call status

    -
    Authorizations:

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": {
      }
    }

    Registration

    The Registration endpoint provides the ability to register a certificate & obtain an API-key.

    -

    Register user certificate and obtain an API key

    Returns the api-key - This API key must be provided in the request header for all endpoint calls (api-key).

    -
    Authorizations:
    Request Body schema: application/json

    User certificate previously provided by eMASS.

    -
    user-uid
    required
    string

    Responses

    Request samples

    Content type
    application/json
    {
    • "user-uid": "MY.USERUUID.KEY"
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": {
      }
    }

    Systems

    The Systems endpoints provide the ability to view system information.

    +

    Authentication

    apiKey

    The API key must be provided in the request header for all eMASS endpoint calls.

    For connecting to a mock server, any value is acceptable, e.g., 123

    +
    Security Scheme Type API Key
    Header parameter name: api-key

    userId

    This User unique identifier key must be provided in the request header for all PUT, POST, and DELETE endpoint calls.
    Note: For DoD users this is the DoD ID Number (EIDIPI) on their DoD CAC.

    For connecting to a mock server, any value is acceptable, e.g., 123

    +
    Security Scheme Type API Key
    Header parameter name: user-uid

    mockType

    This header parameter is ony utilized when interacting with the mock server.
    Options are (enter in the Value textbox):

    +
      +
    • For random response values code=200, dynamic=true
    • +
    • For static response values code=200
    • +
    +
    Security Scheme Type API Key
    Header parameter name: Prefer

    Test

    The Test Connection endpoint provides the ability to verify connection to the web service.

    +

    Test connection to the API

    Tests the endpoint connection

    +
    Authorizations:

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": {
      }
    }

    Registration

    The Registration endpoint provides the ability to register a certificate & obtain an API-key.

    +

    Register user certificate and obtain an API key

    Returns the API Key (api-key) that must be provided in the request header for all endpoint calls.

    +
    Authorizations:

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": {
      }
    }

    Systems

    The Systems endpoints provide the ability to view system information.

    Notes

      -
    • If a system is dual-policy enabled, the returned system details default to the RMF policy information unless otherwise specified for an individual system.
    • +
    • If a system is dual-policy enabled, the returned system details default to +the RMF policy information unless otherwise specified for an individual system.
    • Certain fields are instance specific and may not be returned in GET request.
    -

    Get system information

    Returns all system(s) that match the query parameters

    -
    Authorizations:
    query Parameters
    includePackage
    boolean
    Default: true
    Enum: true false

    Include Package: Indicates if additional packages information is retrieved for queried system.

    -
    registrationType
    string
    Default: "regular"

    Registration Type: Filter record by selected registration type (single value or comma delimited values).

    +

    Get system information

    Returns all system(s) that match the query parameters

    +
    Authorizations:
    query Parameters
    coamsId
    string

    COAMS ID: Filter query by Cyber Operational Attributes Management System (COAMS).

    +
    ditprId
    string

    DITPR ID: Filter query by DoD Information Technology (IT) Portfolio Repository (DITPR).

    +
    includeDecommissioned
    boolean
    Default: true

    Include Decommissioned Systems: Indicates if decommissioned systems are retrieved.

    +

    If no value is specified, the default returns true to include decommissioned systems.

    +
    includeDitprMetrics
    boolean
    Default: false

    Include DITPR: Indicates if DITPR metrics are retrieved.

    +

    This query string parameter cannot be used in conjunction with the following parameters:

    +
      +
    • includePackage
    • +
    • ditprId
    • +
    • coamsId
    • +
    +

    If no value is specified, the default returns false to not include DITPR Metrics.

    +
    includePackage
    boolean
    Default: false

    Include Package: Indicates if additional packages information are retrieved for queried system.

    +

    If no value is specified, the default returns false to not include package information

    +
    policy
    string
    Default: "rmf"
    Enum: "diacap" "rmf" "reporting"

    System Policy: Filter query by system policy.

    +

    If no value is specified, the default returns RMF policy information for dual-policy systems.

    +
    registrationType
    string
    Default: "regular"

    Registration Type: Filter record by selected registration type (single value or comma delimited values).

    Available values: assessAndAuthorize, assessOnly, guest, regular, functional, cloudServiceProvider, commonControlProvider

    -
    ditprId
    string

    DITPR ID: Filter query by DoD Information Technology (IT) Portfolio Repository (DITPR).

    -
    coamsId
    string

    COAMS ID: Filter query by Cyber Operational Attributes Management System (COAMS).

    -
    policy
    string
    Default: "rmf"
    Enum: "diacap" "rmf" "reporting"

    System Policy: Filter query by system policy. If no value is specified and more than one policy is available, the default return is the RMF policy information.

    -
    includeDitprMetrics
    boolean
    Default: false
    Enum: true false

    Include DITPR: Indicates if DITPR metrics are retrieved. This query string parameter can only be used in conjunction with the following parameters:
    -

      -
    • registrationType
    • -
    • policy
    • -

    -
    includeDecommissioned
    boolean
    Default: true
    Enum: true false

    Include Decommissioned Systems: Indicates if decommissioned systems are retrieved. If no value is specified, the default returns true to include decommissioned systems.

    -
    reportsForScorecard
    boolean
    Default: true
    Enum: true false

    DoD Cyber Hygiene Scorecard: Indicates if the system reports to the DoD Cyber Hygiene Scorecard.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Get system information for a specific system

    Returns the system matching provided parameters

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    query Parameters
    includePackage
    boolean
    Default: true
    Enum: true false

    Include Package: Indicates if additional packages information is retrieved for queried system.

    -
    policy
    string
    Default: "rmf"
    Enum: "diacap" "rmf" "reporting"

    System Policy: Filter query by system policy. If no value is specified and more than one policy is available, the default return is the RMF policy information.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    System Roles

    The System Roles endpoints provides the ability to access user data assigned to systems.

    +
    reportsForScorecard
    boolean
    Default: true

    DoD Cyber Hygiene Scorecard: Used to filter results to only return systems that report to the DoD Cyber Hygiene Scorecard.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Get system information for a specific system

    Returns the system matching provided parameters

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    query Parameters
    includePackage
    boolean
    Default: false

    Include Package: Indicates if additional packages information are retrieved for queried system.

    +

    If no value is specified, the default returns false to not include package information

    +
    policy
    string
    Default: "rmf"
    Enum: "diacap" "rmf" "reporting"

    System Policy: Filter query by system policy.

    +

    If no value is specified, the default returns RMF policy information for dual-policy systems.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": {
      }
    }

    System Roles

    The System Roles endpoints provides the ability to access user data assigned to systems.

    Notes:

    • The endpoint can access three different role categories: PAC, CAC, and Other.
    • -
    • If a system is dual-policy enabled, the returned system role information will default to the RMF policy information unless otherwise specified.
    • +
    • If a system is dual-policy enabled, the returned system role information will default +to the RMF policy information unless otherwise specified.
    -

    Get available roles

    Returns all available roles

    -
    Authorizations:

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Get system roles

    Returns the role(s) data matching parameters.

    -
    Authorizations:
    path Parameters
    roleCategory
    required
    string
    Default: "PAC"
    Enum: "CAC" "PAC" "Other"

    Role Category: The system role category been queried

    -
    query Parameters
    role
    required
    string
    Default: "Validator (IV&V)"
    Enum: "AO" "Auditor" "Artifact Manager" "C&A Team" "IAO" "ISSO" "PM/IAM" "SCA" "User Rep (View Only)" "Validator (IV&V)"

    Role: Required parameter. Accepts single value from available options.

    -
    policy
    string
    Default: "rmf"
    Enum: "diacap" "rmf" "reporting"

    System Policy: Filter query by system policy. If no value is specified and more than one policy is available, the default return is the RMF policy information.

    -
    includeDecommissioned
    boolean
    Default: true
    Enum: true false

    Include Decommissioned Systems: Indicates if decommissioned systems are retrieved. If no value is specified, the default returns true to include decommissioned systems.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Controls

    The Controls endpoints provide the ability to view, add, and update Security Control information to a system for both the Implementation Plan and Risk Assessment.

    -

    Get control information in a system for one or many controls

    Returns system control information for matching systemId path parameter

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    query Parameters
    acronyms
    string
    Default: "PM-6"

    Acronym: The system acronym(s) being queried (single value or comma delimited values).

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Update control information in a system for one or many controls

    Update a Control for given systemId

    +

    Get available roles

    Returns all available roles

    +
    Authorizations:

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Get system roles

    Returns the role(s) data matching parameters.

    +
    Authorizations:
    path Parameters
    roleCategory
    required
    string
    Default: "PAC"
    Enum: "CAC" "PAC" "Other"

    Role Category: The system role category been queried

    +
    query Parameters
    role
    required
    string
    Default: "IAO"

    Role: Accepts single value from options available at base system-roles endpoint e.g., SCA.

    +
    policy
    string
    Default: "rmf"
    Enum: "diacap" "rmf" "reporting"

    System Policy: Filter query by system policy.

    +

    If no value is specified, the default returns RMF policy information for dual-policy systems.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Controls

    The Controls endpoints provide the ability to view, add, and update Security Control information to a system for both the Implementation Plan and Risk Assessment.

    +

    Get control information in a system for one or many controls

    Returns system control information for matching systemId path parameter

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    query Parameters
    acronyms
    string
    Default: "PM-6"

    Acronym: The system acronym(s) being queried (single value or comma delimited values).

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Update control information in a system for one or many controls

    Update a Control for given systemId

    Request Body Required Fields

    • acronym
    • @@ -607,112 +752,123 @@
    • estimatedCompletionDate
    • implementationNarrative
    -

    The following optional fields are required based on the Implementation Status implementationStatus value
    +

    The following optional fields (plus the Request Body Required Fields) are required based on the Implementation Status implementationStatus value
    | Value | Required Fields |--------------------------|--------------------------------------------------- -| Planned or Implemented | estimatedCompletionDate, responsibleEntities, slcmCriticality, slcmFrequency, slcmMethod, slcmReporting, slcmTracking, slcmComments -| Not Applicable | naJustification, responsibleEntities -| Manually Inherited | commonControlProvider, estimatedCompletionDate, responsibleEntities, slcmCriticality, slcmFrequency, slcmMethod, slcmReporting, slcmTracking, slcmComments

    -

    If the Implementation Status implementationStatus value is "Inherited", only the following fields can be updated:

    +| Planned or Implemented | slcmCriticality, slcmFrequency, slcmMethod, slcmReporting, slcmTracking, slcmComments +| Not Applicable | naJustification +| Manually Inherited | commonControlProvider, slcmCriticality, slcmFrequency, slcmMethod, slcmReporting, slcmTracking, slcmComments

    +

    If the Implementation Status implementationStatus value is Inherited, only the following fields can be updated:

    • controlDesignation
    • commonnControlProvider
    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: application/json

    Update an existing control by Id

    -
    acronym
    required
    string^[A-Z0-9-]{3,6}

    [Required] Required to match the NIST SP 800-53 Revision 4.

    -
    responsibleEntities
    required
    string

    [Required] Include written description of Responsible Entities that are responsible for the Security Control. Character Limit = 2,000.

    -
    implementationStatus
    string
    Enum: "Planned" "Implemented" "Inherited" "Not Applicable" "Manually Inherited"

    [Optional] Implementation Status of the Security Control for the information system.

    -
    commonControlProvider
    string
    Enum: "DoD" "Component" "Enclave"

    [Conditional] Indicate the type of Common Control Provider for an “Inherited” Security Control.

    -
    naJustification
    string

    [Conditional] Provide justification for Security Controls deemed Not Applicable to the system.

    -
    controlDesignation
    required
    string
    Enum: "Common" "System-Specific" "Hybrid"

    [Required] Control designations

    -
    testMethod
    string
    Enum: "Test" "Interview" "Examine" "Test, Interview" "Test, Examine" "Interview, Examine" "Test, Interview, Examine"

    [Optional] Identifies the assessment method / combination that will determine if the security requirements are implemented correctly.

    -
    estimatedCompletionDate
    required
    integer [ 1500000000 .. 1900000000 ]

    [Required] Field is required for Implementation Plan.

    -
    implementationNarrative
    required
    string

    [Required] Includes security control comments. Character Limit = 2,000.

    -
    slcmCriticality
    string

    [Conditional] Criticality of Security Control regarding SLCM. Character Limit = 2,000.

    -
    slcmFrequency
    string
    Enum: "Constantly" "Daily" "Weekly" "Monthly" "Quarterly" "Semi-Annually" "Annually" "Every Two Years" "Every Three Years" "Undetermined"

    [Conditional] SLCM frequency

    -
    slcmMethod
    string
    Enum: "Automated" "Semi-Automated" "Manual" "Undetermined"

    [Conditional] SLCM method utilized

    -
    slcmReporting
    string

    [Conditional] Method for reporting Security Control for SLCM. Character Limit = 2,000.

    -
    slcmTracking
    string

    [Conditional] How Non-Compliant Security Controls will be tracked for SLCM. Character Limit = 2,000.

    -
    slcmComments
    string

    [Conditional] Additional comments for Security Control regarding SLCM. Character Limit = 4,000.

    -
    severity
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    vulnerabiltySummary
    string

    [Optional] Include vulnerability summary. Character Limit = 2,000.

    -
    recommendations
    string

    [Optional] Include recommendations. Character Limit = 2,000.

    -
    relevanceOfThreat
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    likelihood
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    impact
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    impactDescription
    string

    [Optional] Include description of Security Control's impact.

    -
    residualRiskLevel
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -

    Responses

    Request samples

    Content type
    application/json
    {
    • "acronym": "AC-3",
    • "responsibleEntities": "Unknown",
    • "implementationStatus": "Planned",
    • "commonControlProvider": "DoD",
    • "naJustification": "System EOL within 120 days",
    • "controlDesignation": "Common",
    • "testMethod": "Test",
    • "estimatedCompletionDate": 1638741660,
    • "implementationNarrative": "Test Imp. Narrative",
    • "slcmCriticality": "Test Criticality",
    • "slcmFrequency": "Annually",
    • "slcmMethod": "Automated",
    • "slcmReporting": "Test Reporting",
    • "slcmTracking": "Test Tracking",
    • "slcmComments": "Test SLCM Comments",
    • "severity": "Low",
    • "vulnerabiltySummary": "Test Vulnerability Summary",
    • "recommendations": "Test Recommendations",
    • "relevanceOfThreat": "Low",
    • "likelihood": "Low",
    • "impact": "Low",
    • "impactDescription": "Impact text",
    • "residualRiskLevel": "Low"
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Test Results

    The Test Results endpoints provide the ability to view and add test results for a system's Assessment Procedures (CCIs) which determine Security Control compliance.

    -

    Get one or many test results in a system

    Returns system test results information for matching parameters.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    query Parameters
    controlAcronyms
    string

    System Acronym: Filter query by given system acronym (single or comma separated).

    -
    ccis
    string

    CCI System: Filter query by Control Correlation Identifiers (CCIs).

    -
    latestOnly
    boolean
    Default: true
    Enum: true false

    Latest Results Only: Indicates that only the latest test resultes are retrieved (single or comma separated).

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Add one or many test results in a system

    Adds test results for given systemId

    +

    NOTES:

    +
      +
    • Implementation Plan information cannot be saved if the these fields exceed 2,000 character limits:
        +
      • naJustification,responsibleEntities,implementationNarrative,slcmCriticality
      • +
      • slcmFrequency,slcmMethod,slcmReporting,slcmTracking,slcmComments
      • +
      +
    • +
    • Implementation Plan information cannot be updated if Security Control does not exist in the system record.
    • +
    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Update an existing control by Id

    +
    Array ()
    acronym
    string

    [Required] Required to match the NIST SP 800-53 Revision 4.

    +
    responsibleEntities
    string

    [Required] Include written description of Responsible Entities that are responsible for the Security Control. Character Limit = 2,000.

    +
    implementationStatus
    string

    [Optional] Implementation Status of the Security Control for the information system.

    +
    commonControlProvider
    string

    [Conditional] Indicate the type of Common Control Provider for an “Inherited” Security Control.

    +
    naJustification
    string

    [Conditional] Provide justification for Security Controls deemed Not Applicable to the system.

    +
    controlDesignation
    string

    [Required] Control designations

    +
    testMethod
    string

    [Optional] Identifies the assessment method / combination that will determine if the security requirements are implemented correctly.

    +
    estimatedCompletionDate
    integer

    [Required] Field is required for Implementation Plan.

    +
    implementationNarrative
    string

    [Required] Includes security control comments. Character Limit = 2,000.

    +
    slcmCriticality
    string

    [Conditional] Criticality of Security Control regarding SLCM. Character Limit = 2,000.

    +
    slcmFrequency
    string

    [Conditional] SLCM frequency

    +
    slcmMethod
    string

    [Conditional] SLCM method utilized

    +
    slcmReporting
    string

    [Conditional] Method for reporting Security Control for SLCM. Character Limit = 2,000.

    +
    slcmTracking
    string

    [Conditional] How Non-Compliant Security Controls will be tracked for SLCM. Character Limit = 2,000.

    +
    slcmComments
    string

    [Conditional] Additional comments for Security Control regarding SLCM. Character Limit = 4,000.

    +
    severity
    string

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    vulnerabiltySummary
    string

    [Optional] Include vulnerability summary. Character Limit = 2,000.

    +
    recommendations
    string

    [Optional] Include recommendations. Character Limit = 2,000.

    +
    relevanceOfThreat
    string

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    likelihood
    string

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    impact
    string

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    impactDescription
    string

    [Optional] Include description of Security Control's impact.

    +
    residualRiskLevel
    string

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Test Results

    The Test Results endpoints provide the ability to view and add test results for a system's Assessment Procedures which determine Security Control compliance.

    +

    Get one or many test results in a system

    Returns system test results information for matching parameters.

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    query Parameters
    controlAcronyms
    string

    Control Acronym: Filter query by given system acronym (single value or comma separated).

    +
    assessmentProcedures
    string

    Assessment Procedure: Filter query by given Security Control Assessment Procedure (single value or comma separated).

    +
    ccis
    string

    CCI System: Filter query by Control Correlation Identifiers (CCIs) (single value or comma separated).

    +
    latestOnly
    boolean
    Default: true

    Latest Results Only: Indicates that only the latest test resultes are retrieved.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Add one or many test results in a system

    Adds test results for given systemId

    Request Body Required Fields

      -
    • cci
    • testedBy
    • testDate
    • description
    • complianceStatus
    • +
    • assessmentProcedure
    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: application/json

    Update an existing control by Id

    -
    cci
    required
    string^\d{5,6},\d{5,6}

    [Required] CCI associated with test result.

    -
    testedBy
    required
    string

    [Required] Last Name, First Name. 100 Characters.

    -
    testDate
    required
    integer <int64> [ 1500000000 .. 1900000000 ]

    [Required] Unix time format.

    -
    description
    required
    string

    [Required] Include description of test result. 4000 Characters.

    -
    complianceStatus
    required
    string
    Enum: "Compliant" "Non-Compliant" "Not Applicable"

    [Required] Test result compliance status

    -

    Responses

    Request samples

    Content type
    application/json
    {
    • "cci": "000001",
    • "testedBy": "Smith, Joe",
    • "testDate": 1638741660,
    • "description": "Test result description",
    • "complianceStatus": "Compliant"
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    POAM

    The POA&Ms endpoints provide the ability to view, add, update, and remove Plan of Action and Milestones (POA&M) items and associated milestones for a system.

    -

    Get one or many POA&M items in a system

    Returns system(s) containing POA&M items for matching parameters.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    query Parameters
    scheduledCompletionDateStart
    string

    Date Started: Filter query by the scheduled completion start date (Unix date format).

    -
    scheduledCompletionDateEnd
    string

    Date Ended: Filter query by the scheduled completion start date (Unix date format).

    -
    controlAcronyms
    string

    System Acronym: Filter query by given system acronym (single or comma separated).

    -
    ccis
    string

    CCI System: Filter query by Control Correlation Identifiers (CCIs).

    -
    systemOnly
    boolean
    Default: true
    Enum: true false

    Systems Only: Indicates that only system(s) information is retrieved.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Add one or many POA&M items in a system

    Add a POA&M for given systemId

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Add test results to a system (systemId)

    +
    Array ()
    testedBy
    string

    [Required] Last Name, First Name. 100 Characters.

    +
    testDate
    integer <int64>

    [Required] Unix time format.

    +
    description
    string

    [Required] Include description of test result. 4000 Characters.

    +
    complianceStatus
    string

    [Required] Test result compliance status

    +
    assessmentProcedure
    string

    [Required] The Security Control Assessment Procedure being assessed.

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    POAM

    The POA&Ms endpoints provide the ability to view, add, update, and remove Plan of Action and Milestones (POA&M) items and associated milestones for a system.

    +

    Get one or many POA&M items in a system

    Returns system(s) containing POA&M items for matching parameters.

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    query Parameters
    scheduledCompletionDateStart
    string

    Date Started: Filter query by the scheduled completion start date (Unix date format).

    +
    scheduledCompletionDateEnd
    string

    Date Ended: Filter query by the scheduled completion start date (Unix date format).

    +
    controlAcronyms
    string

    Control Acronym: Filter query by given system acronym (single value or comma separated).

    +
    assessmentProcedures
    string

    Assessment Procedure: Filter query by given Security Control Assessment Procedure (single value or comma separated).

    +
    ccis
    string

    CCI System: Filter query by Control Correlation Identifiers (CCIs) (single value or comma separated).

    +
    systemOnly
    boolean
    Default: true

    Systems Only: Indicates that only system(s) information is retrieved.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Add one or many POA&M items in a system

    Add a POA&M for given systemId

    Request Body Required Fields

    • status
    • @@ -726,45 +882,46 @@ registered within the application and pre-populate any information not explicitly supplied in the request. If no such user is found, these fields are required within the request.
      pocFirstName, pocLastName, pocPhoneNumber

      -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: application/json

    Update an existing control by Id

    -
    status
    string
    Enum: "Ongoing" "Risk Accepted" "Completed" "Not Applicable"

    [Required] Values include the following: (Ongoing,Risk Accepted,Completed,Not Applicable

    -
    vulnerabilityDescription
    string

    [Required] Provide a description of the POA&M Item. 2000 Characters.

    -
    sourceIdentVuln
    string
    Enum: "Not Approved" "Under Review" "Approved"

    [Required] Include Source Identifying Vulnerability text. 2000 Characters.

    -
    pocOrganization
    string

    [Required] Organization/Office represented. 100 Characters.

    -
    resources
    string

    [Required] List of resources used. 250 Characters.

    -
    pocFirstName
    string

    [Required] First name of POC. 100 Characters.

    -
    pocLastName
    string

    [Required] Last name of POC. 100 Characters.

    -
    pocEmail
    string

    [Required] Email address of POC. 100 Characters.

    -
    pocPhoneNumber
    string

    [Required] Phone number of POC (area code) -* format. 100 Characters.

    -
    externalUid
    string

    [Optional] Unique identifier external to the eMASS application for use with associating POA&Ms. 100 Characters.

    -
    controlAcronym
    string

    [Optional] Control acronym associated with the POA&M Item. NIST SP 800-53 Revision 4 defined.

    -
    cci
    string^\d{5,6},\d{5,6}

    [Optional] CCI associated with POA&M.

    -
    securityChecks
    string

    [Optional] Security Checks that are associated with the POA&M.

    -
    rawSeverity
    string
    Enum: "I" "II" "III"

    [Optional] Values include the following options (I,II,III)

    -
    relevanceOfThreat
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    likelihood
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    impact
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    impactDescription
    string

    [Optional] Include description of Security Control’s impact.

    -
    residualRiskLevel
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    recommendations
    string

    [Optional] Include recommendations. Character Limit = 2,000.

    -
    mitigation
    string

    [Optional] Include mitigation explanation. 2000 Characters.

    -
    severity
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Conditional] Required for approved items. Values include the following options: (Very Low, Low, Moderate,High,Very High)

    -
    scheduledCompletionDate
    integer <int64> [ 1500000000 .. 1900000000 ]

    [Conditional] Required for ongoing and completed POA&M items. Unix time format.

    -
    comments
    string

    [Conditional] Field is required for completed and risk accepted POA&M items. 2000 Characters

    -
    completionDate
    integer <int64> [ 1500000000 .. 1900000000 ]

    [Conditional] Field is required for completed POA&M items. Unix time format.

    -
    Array of objects (Milestones) <= 3 items >= 1

    Responses

    Request samples

    Content type
    application/json
    {
    • "status": "Completed",
    • "vulnerabilityDescription": "Description text",
    • "sourceIdentVuln": "Source Indentifying Vulnerability text",
    • "pocOrganization": "Army",
    • "resources": "Resource text.",
    • "pocFirstName": "John",
    • "pocLastName": "Smith",
    • "pocEmail": "smith@ah.com",
    • "pocPhoneNumber": "555-555-5555",
    • "externalUid": "d6d98b88-c866-4496-9bd4-de7ba48d0f52",
    • "controlAcronym": "“AC-3”",
    • "cci": "000001",
    • "securityChecks": "SV-25123r1_rule,2016-A-0279",
    • "rawSeverity": "I",
    • "relevanceOfThreat": "Low",
    • "likelihood": "Low",
    • "impact": "Low",
    • "impactDescription": "Impact text",
    • "residualRiskLevel": "Low",
    • "recommendations": "Recommendations text",
    • "mitigation": "Mitigation text",
    • "severity": "Low",
    • "scheduledCompletionDate": 1599644800,
    • "comments": "Comments text.",
    • "completionDate": 1505916276,
    • "milestones": [
      ]
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Update one or many POA&M items in a system

    Update a POA&M for given systemId

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Add POA&M(s) to a system (systemID)

    +
    Array ()
    status
    string
    Enum: "Ongoing" "Risk Accepted" "Completed" "Not Applicable"

    [Required] Values include the following: (Ongoing,Risk Accepted,Completed,Not Applicable

    +
    vulnerabilityDescription
    string

    [Required] Provide a description of the POA&M Item. 2000 Characters.

    +
    sourceIdentVuln
    string

    [Required] Include Source Identifying Vulnerability text. 2000 Characters.

    +
    pocOrganization
    string

    [Required] Organization/Office represented. 100 Characters.

    +
    resources
    string

    [Required] List of resources used. 250 Characters.

    +
    pocFirstName
    string

    [Required] First name of POC. 100 Characters.

    +
    pocLastName
    string

    [Required] Last name of POC. 100 Characters.

    +
    pocEmail
    string

    [Required] Email address of POC. 100 Characters.

    +
    pocPhoneNumber
    string

    [Required] Phone number of POC (area code) -* format. 100 Characters.

    +
    externalUid
    string

    [Optional] Unique identifier external to the eMASS application for use with associating POA&Ms. 100 Characters.

    +
    controlAcronym
    string

    [Optional] Control acronym associated with the POA&M Item. NIST SP 800-53 Revision 4 defined.

    +
    cci
    string

    [Optional] CCI associated with POA&M.

    +
    assessmentProcedure
    string

    [Optional] The Security Control Assessment Procedure being associated with the POA&M Item.

    +
    securityChecks
    string

    [Optional] Security Checks that are associated with the POA&M.

    +
    rawSeverity
    string
    Enum: "I" "II" "III"

    [Optional] Values include the following options (I,II,III)

    +
    relevanceOfThreat
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    likelihood
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    impact
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    impactDescription
    string

    [Optional] Include description of Security Control’s impact.

    +
    residualRiskLevel
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    recommendations
    string

    [Optional] Include recommendations. Character Limit = 2,000.

    +
    mitigation
    string

    [Optional] Include mitigation explanation. 2000 Characters.

    +
    severity
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Conditional] Required for approved items. Values include the following options: (Very Low, Low, Moderate,High,Very High)

    +
    scheduledCompletionDate
    integer <int64> Nullable

    [Conditional] Required for ongoing and completed POA&M items. Unix time format.

    +
    comments
    string

    [Conditional] Field is required for completed and risk accepted POA&M items. 2000 Characters

    +
    completionDate
    integer <int64>

    [Conditional] Field is required for completed POA&M items. Unix time format.

    +
    Array of objects (Milestones)

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Update one or many POA&M items in a system

    Update a POA&M for given systemId

    Request Body Required Fields

    • poamId
    • @@ -782,217 +939,242 @@ in the request. If no such user is found, these fields are required within the request.
      pocOrganization, pocFirstName, pocLastName, pocEmail, pocPhoneNumber

      -
    • To delete a milestone through the POA&M PUT the field isActive must be set to false: isActive=false.

      +
    • To prevent uploading duplicate/undesired milestones through the POA&M PUT we must include an isActive field for the milestone and set it to equal to false (isActive=false).

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: application/json

    Update an existing control by Id

    -
    poamId
    integer <int64> [ 1 .. 300 ]

    [Required] Unique item identifier

    -
    displayPoamId
    integer <int64> [ 100000000 .. 101003239 ]

    [Required] Globally unique identifier for individual POA&M Items, seen on the front-end as “ID”.

    -
    status
    string
    Enum: "Ongoing" "Risk Accepted" "Completed" "Not Applicable"

    [Required] The POA&M status

    -
    vulnerabilityDescription
    string

    [Required] Provide a description of the POA&M Item. 2000 Characters.

    -
    sourceIdentVuln
    string

    [Required] Include Source Identifying Vulnerability text. 2000 Characters.

    -
    pocOrganization
    string

    [Required] Organization/Office represented. 100 Characters.

    -
    resources
    string

    [Required] List of resources used. 250 Characters.

    -
    externalUid
    string

    [Optional] Unique identifier external to the eMASS application for use with associating POA&Ms. 100 Characters.

    -
    controlAcronym
    string

    [Optional] Control acronym associated with the POA&M Item. NIST SP 800-53 Revision 4 defined.

    -
    cci
    string^\d{5,6},\d{5,6}

    CCI associated with POA&M.

    -
    securityChecks
    string

    [Optional] Security Checks that are associated with the POA&M.

    -
    rawSeverity
    string
    Enum: "I" "II" "III"

    [Optional] Values include the following options (I,II,III)

    -
    relevanceOfThreat
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    likelihood
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    impact
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    impactDescription
    string

    [Optional] Include description of Security Control’s impact.

    -
    residualRiskLevel
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    -
    recommendations
    string

    [Optional] Include recommendations. Character Limit = 2,000.

    -
    mitigation
    string

    [Optional] Include mitigation explanation. 2000 Characters.

    -
    pocFirstName
    string

    [Conditional] First name of POC. 100 Characters.

    -
    pocLastName
    string

    [Conditional] Last name of POC. 100 Characters.

    -
    pocEmail
    string

    [Conditional] Email address of POC. 100 Characters.

    -
    pocPhoneNumber
    string

    [Conditional] Phone number of POC (area code) -* format. 100 Characters.

    -
    severity
    string
    Enum: "Very Low" "Low" "Moderate" "High" "Very High"

    [Conditional] Required for approved items. Values include the following options: (Very Low, Low, Moderate,High,Very High)

    -
    scheduledCompletionDate
    integer <int64> [ 1500000000 .. 1900000000 ]

    [Conditional] Required for ongoing and completed POA&M items. Unix time format.

    -
    completionDate
    integer <int64> [ 1500000000 .. 1900000000 ]

    [Conditional] Field is required for completed POA&M items. Unix time format.

    -
    comments
    string

    [Conditional] Field is required for completed and risk accepted POA&M items. 2000 Characters

    -
    isActive
    boolean

    [Conditional] Optionally used in PUT to delete milestones when updating a POA&M.

    -
    Array of objects (Milestones) <= 3 items >= 1

    Responses

    Request samples

    Content type
    application/json
    {
    • "poamId": 45,
    • "displayPoamId": 450000000,
    • "status": "Completed",
    • "vulnerabilityDescription": "Description text",
    • "sourceIdentVuln": "Source Indentifying Vulnerability text",
    • "pocOrganization": "Army",
    • "resources": "Resource text.",
    • "externalUid": "d6d98b88-c866-4496-9bd4-de7ba48d0f52",
    • "controlAcronym": "“AC-3”",
    • "cci": "000001",
    • "securityChecks": "SV-25123r1_rule,2016-A-0279",
    • "rawSeverity": "I",
    • "relevanceOfThreat": "Low",
    • "likelihood": "Low",
    • "impact": "Low",
    • "impactDescription": "Impact text",
    • "residualRiskLevel": "Low",
    • "recommendations": "Recommendations text",
    • "mitigation": "Mitigation text",
    • "pocFirstName": "John",
    • "pocLastName": "Smith",
    • "pocEmail": "smith@ah.com",
    • "pocPhoneNumber": "555-555-5555",
    • "severity": "Low",
    • "scheduledCompletionDate": 1599644800,
    • "completionDate": 1505916276,
    • "comments": "Comments text.",
    • "isActive": true,
    • "milestones": [
      ]
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Remove one or many POA&M items in a system

    Remove the POA&M matching systemId path parameter and poamId query parameter

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: application/json

    Delete the given POA&M Id

    -
    poamId
    required
    integer <int64> [ 1 .. 300 ]

    [Required] Unique item identifier

    -

    Responses

    Request samples

    Content type
    application/json
    {
    • "poamId": 45
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Get POA&M item by ID in a system

    Returns system(s) containing POA&M items for matching parameters.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Milestones

    The Milestones endpoints provide the ability to view, add, update, and remove milestones that are associated with Plan of Action and Milestones (POA&M) items for a system.

    -

    Get milestones in one or many POA&M items in a system

    Returns system containing milestones for matching parameters.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    -
    query Parameters
    scheduledCompletionDateStart
    string

    Date Started: Filter query by the scheduled completion start date (Unix date format).

    -
    scheduledCompletionDateEnd
    string

    Date Ended: Filter query by the scheduled completion start date (Unix date format).

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Add milestones to one or many POA&M items in a system

    Adds a milestone for given systemId and poamId path parameters

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Update an existing control by Id

    +
    Array ()
    poamId
    integer <int64>

    [Required] Unique item identifier

    +
    displayPoamId
    integer <int64>

    [Required] Globally unique identifier for individual POA&M Items, seen on the front-end as “ID”.

    +
    status
    string
    Enum: "Ongoing" "Risk Accepted" "Completed" "Not Applicable"

    [Required] The POA&M status

    +
    vulnerabilityDescription
    string

    [Required] Provide a description of the POA&M Item. 2000 Characters.

    +
    sourceIdentVuln
    string

    [Required] Include Source Identifying Vulnerability text. 2000 Characters.

    +
    pocOrganization
    string

    [Required] Organization/Office represented. 100 Characters.

    +
    resources
    string

    [Required] List of resources used. 250 Characters.

    +
    externalUid
    string

    [Optional] Unique identifier external to the eMASS application for use with associating POA&Ms. 100 Characters.

    +
    controlAcronym
    string

    [Optional] Control acronym associated with the POA&M Item. NIST SP 800-53 Revision 4 defined.

    +
    cci
    string

    CCI associated with POA&M.

    +
    assessmentProcedure
    string

    [Optional] The Security Control Assessment Procedure being associated with the POA&M Item.

    +
    securityChecks
    string

    [Optional] Security Checks that are associated with the POA&M.

    +
    rawSeverity
    string

    [Optional] Values include the following options (I,II,III)

    +
    relevanceOfThreat
    string

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    likelihood
    string

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    impact
    string

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    impactDescription
    string

    [Optional] Include description of Security Control's impact.

    +
    residualRiskLevel
    string

    [Optional] Values include the following options (Very Low, Low, Moderate,High,Very High)

    +
    recommendations
    string

    [Optional] Include recommendations. Character Limit = 2,000.

    +
    mitigation
    string

    [Optional] Include mitigation explanation. 2000 Characters.

    +
    pocFirstName
    string

    [Conditional] First name of POC. 100 Characters.

    +
    pocLastName
    string

    [Conditional] Last name of POC. 100 Characters.

    +
    pocEmail
    string

    [Conditional] Email address of POC. 100 Characters.

    +
    pocPhoneNumber
    string

    [Conditional] Phone number of POC (area code) -* format. 100 Characters.

    +
    severity
    string

    [Conditional] Required for approved items. Values include the following options: (Very Low, Low, Moderate,High,Very High)

    +
    scheduledCompletionDate
    integer <int64> Nullable

    [Conditional] Required for ongoing and completed POA&M items. Unix time format.

    +
    completionDate
    integer <int64>

    [Conditional] Field is required for completed POA&M items. Unix time format.

    +
    comments
    string

    [Conditional] Field is required for completed and risk accepted POA&M items. 2000 Characters

    +
    isActive
    boolean

    [Conditional] Optionally used in PUT to delete milestones when updating a POA&M.

    +
    Array of objects (Milestones)

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Remove one or many POA&M items in a system

    Remove the POA&M matching systemId path parameter and poamId Request Body

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Delete the given POA&M Id

    +
    Array ()
    poamId
    integer <int64>

    [Required] Unique item identifier

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Get POA&M item by ID in a system

    Returns system(s) containing POA&M items for matching parameters.

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": {
      }
    }

    Milestones

    The Milestones endpoints provide the ability to view, add, update, and remove milestones that are associated with Plan of Action and Milestones (POA&M) items for a system.

    +

    Get milestones in one or many POA&M items in a system

    Returns system containing milestones for matching parameters.

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    +
    query Parameters
    scheduledCompletionDateStart
    string

    Date Started: Filter query by the scheduled completion start date (Unix date format).

    +
    scheduledCompletionDateEnd
    string

    Date Ended: Filter query by the scheduled completion start date (Unix date format).

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Add milestones to one or many POA&M items in a system

    Adds a milestone for given systemId and poamId path parameters

    Request Body Required Fields

    • description
    • scheduledCompletionDate
    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    -
    Request Body schema: application/json

    Update an existing milestone

    -
    poamId
    required
    integer <int64> [ 1 .. 300 ]

    [Required] Unique POA&M item identifier.

    -
    description
    required
    string

    [Required] Provide a description of the milestone.

    -
    scheduledCompletionDate
    required
    integer <int64> [ 1500000000 .. 1900000000 ]

    [Required] Unix date format.

    -

    Responses

    Request samples

    Content type
    application/json
    {
    • "poamId": 45,
    • "description": "Description text",
    • "scheduledCompletionDate": 1599644800
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Update one or many POA&M items in a system

    Updates a milestone for given systemId and poamId path parameters

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    +
    Request Body schema: application/json

    Add milestones to an existing system poam

    +
    Array ()
    description
    string

    [Required] Provide a description of the milestone.

    +
    scheduledCompletionDate
    integer <int64>

    [Required] Unix date format.

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Update one or many POA&M items in a system

    Updates a milestone for given systemId and poamId path parameters

    Request Body Required Fields

    • milestoneId
    • description
    • scheduledCompletionDate
    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    -
    Request Body schema: application/json

    Update an existing control by Id

    -
    milestoneId
    required
    integer <int64> [ 1 .. 300 ]

    [Required] Unique milestone identifier.

    -
    description
    required
    string

    [Required] Provide a description of the milestone.

    -
    scheduledCompletionDate
    required
    integer <int64> [ 1500000000 .. 1900000000 ]

    [Required] Unix date format.

    -

    Responses

    Request samples

    Content type
    application/json
    {
    • "milestoneId": 19,
    • "description": "Description text",
    • "scheduledCompletionDate": 1599644800
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Remove milestones in a system for one or many POA&M items

    Remove the POA&M matching systemId path parameter
    -Notes
    +

    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    +
    Request Body schema: application/json

    Update milestones for an existing system poam

    +
    Array ()
    milestoneId
    integer <int64>

    [Required] Unique milestone identifier.

    +
    description
    string

    [Required] Provide a description of the milestone.

    +
    scheduledCompletionDate
    integer <int64>

    [Required] Unix date format.

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Remove milestones in a system for one or many POA&M items

    Remove the POA&M matching systemId and poamId for path parameters and milstoneId provide in the Requst Body

    +

    Notes
    To delete a milestone the record must be inactive by having the field isActive set to false (isActive=false).

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    -
    Request Body schema: application/json

    Delete the given Milestone Id

    -
    milestoneId
    required
    integer <int64> [ 1 .. 300 ]

    [Required] Unique item identifier

    -

    Responses

    Request samples

    Content type
    application/json
    {
    • "milestoneId": 19
    }

    Response samples

    Content type
    application/json
    { }

    Get milestone by ID in POA&M item in a system

    Returns systems containing milestones for matching parameters.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    -
    milestoneId
    required
    integer
    Example: 77

    Milestone Id: The unique milestone record identifier.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Artifacts

    The Artifacts endpoints provide the ability to view, add, update, and remove artifacts (supporting documentation/evidence) and associated files for a system.

    -

    Get one or many artifacts in a system

    Returns selected artifacts matching parameters to include the file name containing the artifacts.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    query Parameters
    filename
    string
    Example: filename=ArtifactsExporFile.pdf

    File Name: The file name (to include file-extension).

    -
    controlAcronyms
    string

    System Acronym: Filter query by given system acronym (single or comma separated).

    -
    ccis
    string

    CCI System: Filter query by Control Correlation Identifiers (CCIs).

    -
    systemOnly
    boolean
    Default: true
    Enum: true false

    Systems Only: Indicates that only system(s) information is retrieved.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Add one or many artifacts in a system

    Information
    -The request body of a POST request through the Artifact Endpoint accepts a single binary file -with file extension ".zip" only. This accepted .zip file should contain one or more files -corresponding to existing artifacts or new artifacts that will be created upon successful receipt. -Filename uniqueness throughout eMASS will be enforced by the API.

    -Upon successful receipt of a file, if a file within the .zip is matched via filename to an artifact -existing within the application, the file associated with the artifact will be updated. If no artifact -is matched via filename to the application, a new artifact will be created with the following -default values. Any values not specified below will be blank.

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    +
    Request Body schema: application/json

    Delete the given Milestone Id

    +
    Array ()
    milestoneId
    integer <int64>

    [Required] Unique item identifier

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Get milestone by ID in POA&M item in a system

    Returns systems containing milestones for matching parameters.

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    poamId
    required
    integer
    Example: 45

    POA&M Id: The unique POA&M record identifier.

    +
    milestoneId
    required
    integer
    Example: 77

    Milestone Id: The unique milestone record identifier.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": {
      }
    }

    Artifacts

    The Artifacts endpoints provide the ability to view, add, update, and remove artifacts (supporting documentation/evidence) and associated files for a system.

    +

    Get one or many artifacts in a system

    Returns selected artifacts matching parameters to include the file name containing the artifacts.

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    query Parameters
    filename
    string
    Example: filename=ArtifactsExporFile.pdf

    File Name: The file name (to include file-extension).

    +
    controlAcronyms
    string

    Control Acronym: Filter query by given system acronym (single value or comma separated).

    +
    assessmentProcedures
    string

    Assessment Procedure: Filter query by given Security Control Assessment Procedure (single value or comma separated).

    +
    ccis
    string

    CCI System: Filter query by Control Correlation Identifiers (CCIs) (single value or comma separated).

    +
    systemOnly
    boolean
    Default: true

    Systems Only: Indicates that only system(s) information is retrieved.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Add one or many artifacts in a system

    Information
    +The body of a request through the Artifacts POST endpoint accepts a single binary file. Two +Artifact POST methods are currently accepted: individual and bulk. Filename uniqueness within +an eMASS system will be enforced by the API for both methods. +

    +For POST requests that should result in a single artifact, the request should include the file. +

    +For POST requests that should result in the creation of many artifacts, the request should include +a single file with the extension ".zip" only and the parameter isBulk should be set to true. This +.zip file should contain one or more files corresponding to existing artifacts or new artifacts that +will be created upon successful receipt. +

    +Upon successful receipt of one or many artifacts, if a file is matched via filename to an artifact +existing within the application, the file associated with the artifact will be updated. If no artifact +is matched via filename to the application, a new artifact will be created with the following +default values. Any values not specified below will be null

    • isTemplate: false
    • -
    • type: other
    • -
    • category: evidence
    • +
    • type: Other
    • +
    • category: Evidence
    To update values other than the file itself, please submit a PUT request.
    -

    Zip file information
    -Upload a zip file contain one or more files corresponding to existing artifacts -or new artifacts that will be created upon successful receipt.

    -Business Rules
    -Artifact cannot be saved if the file does not have the following file extensions:

    +

    Business Rules
    +Artifact cannot be saved if the fields below exceed the following character limits:

    +
      +
    • Filename - 1,000 characters
    • +
    • Name - 100 characters
    • +
    • Description - 10,000 characters
    • +
    • Reference Page Number - 50 characters
    • +
    +Artifact cannot be saved if the file does not have an allowable file extension/type: +
    .docx,.doc,.txt,.rtf,.xfdl,.xml,.mht,.mh,tml,.html,.htm,.pdf,.mdb,.accdb,.ppt,
     .pptx,.xls,.xlsx,.csv,.log,.jpeg,.jpg,.tiff,.bmp,.tif,.png,.gif,.zip,.rar,.msg,
    -.vsd,.vsw,.vdx,.z{#},.ckl,.avi,.vsdx

    Artifact version cannot be saved if an Artifact with the same file name already exist in the system.

    +.vsd,.vsw,.vdx,.z{#},.ckl,.avi,.vsdx

    Artifact version cannot be saved if an Artifact with the same file name (filename) already exist in the system.

    Artifact cannot be saved if the file size exceeds 30MB.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: multipart/form-data

    See Information posted above for additional instructions

    -
    isTemplate
    boolean
    type
    string
    Enum: "Procedure" "Diagram" "Policy" "Labor" "Document" "Image" "Other" "Scan Result" "Auditor Report"
    category
    string
    Enum: "Implementation Guidance" "Evidence"
    Zipper
    required
    string <binary>

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Update one or many artifacts in a system

    Updates an artifact for given systemId path parameter

    +

    Artifact cannot be saved if the following fields are missing data:

    +
      +
    • Filename (filename)
    • +
    • Type (type)
    • +
    • Category (category)
    • +
    + +

    Artifact cannot be saved if the Last Review Date (lastReviewedDate) is set in the future.

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    query Parameters
    isBulk
    boolean
    Default: false

    Is Bulk: If no value is specified, the default is false, +and an individual artifact file is expected.

    +

    When set to true, a .zip file is expected which +can contain multiple artifact files"

    +
    Request Body schema: multipart/form-data

    See Information posted above for additional instructions

    +
    isTemplate
    boolean
    type
    string
    Enum: "Procedure" "Diagram" "Policy" "Labor" "Document" "Image" "Other" "Scan Result" "Auditor Report"
    category
    string
    Enum: "Implementation Guidance" "Evidence"
    Zipper
    required
    string <binary>

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Update one or many artifacts in a system

    Updates an artifact for given systemId path parameter

    Request Body Required Fields

    • filename
    • @@ -1000,230 +1182,990 @@
    • type
    • category
    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: application/json

    See information above for additional instructions

    -
    filename
    required
    string

    [Required] File name should match exactly one file within the provided zip file. 1000 Characters.

    -
    isTemplate
    required
    boolean

    [Required] Indicates it is an artifact template.

    -
    type
    required
    string
    Enum: "Procedure" "Diagram" "Policy" "Labor" "Document" "Image" "Other" "Scan Result"

    [Required] Artifact type options

    -
    category
    required
    string
    Enum: "Implementation Guidance" "Evidence"

    [Required] Artifact category options

    -
    description
    string

    [Optional] Artifact description. 2000 Characters.

    -
    refPageNumber
    string

    [Optional] Artifact reference page number. 50 Characters.

    -
    ccis
    string^\d{5,6},\d{5,6}

    [Required] CCI associated with test result.

    -
    controls
    string^[A-Z0-9-]{3,6}

    [Optional] Control acronym associated with the artifact. NIST SP 800-53 Revision 4 defined.

    -
    artifactExpirationDate
    integer <int64> [ 1500000000 .. 1900000000 ]

    [Optional] Date Artifact expires and requires review. In Unix Date format.

    -
    lastReviewedDate
    integer <int64> [ 1500000000 .. 1900000000 ]

    [Optional]] Date Artifact was last reviewed.. Unix time format.

    -

    Responses

    Request samples

    Content type
    application/json
    {
    • "filename": "AutorizationGuidance.pdf",
    • "isTemplate": false,
    • "type": "Policy",
    • "category": "Change Request",
    • "description": "Artifact description text",
    • "refPageNumber": "Reference page number",
    • "ccis": "000001,000002",
    • "controls": "AC-8,AC-2(4)",
    • "artifactExpirationDate": 1549036928,
    • "lastReviewedDate": 1549036928
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Remove one or many artifacts in a system

    Remove the Artifact(s) matching systemId path parameter and request body artifact(s) file name

    +

    Information
    +The PUT request will replace all existing data with the field/value combinations included in the request body.

    +

    If any fields are not included, the absent fields will become null.

    +

    The fields name and isTemplate are non-nullable fields. If not specified in the PUT command +they will default to the following:

    +
      +
    • name=filename
    • +
    • isTemplate=false
    • +
    +

    Also, note that one-to-many fields (controls and ccis) will also be replaced with the values specified in the PUT.

    +

    If existing control or cci mappings exist in eMASS, the values in the PUT will not append, but +rather replace all existing control and cci mappings with the values in the request body.

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    See information above for additional instructions

    +
    Array ()
    filename
    string

    [Required] File name should match exactly one file within the provided zip file. 1000 Characters.

    +
    isTemplate
    boolean

    [Required] Indicates it is an artifact template.

    +
    type
    string

    [Required] Artifact type options

    +
    category
    string

    [Required] Artifact category options

    +
    name
    string Nullable

    [Optional] Artifact name. Character Limit = 100.

    +
    description
    string

    [Optional] Artifact description. 10,000 Characters.

    +
    referencePageNumber
    string

    [Optional] Artifact reference page number. 50 Characters.

    +
    controls
    string Nullable

    [Optional] Control acronym associated with the artifact. NIST SP 800-53 Revision 4 defined.

    +
    assessmentProcedures
    string

    [Optional] The Security Control Assessment Procedure being associated with the artifact.

    +
    expirationDate
    integer <int64> Nullable

    [Optional] Date Artifact expires and requires review. In Unix Date format.

    +
    lastReviewedDate
    integer <int64> Nullable

    [Optional] Date Artifact was last reviewed. Unix time format.

    +
    signedDate
    integer <int64> Nullable

    [Optional] Date artifact was signed. Unix time format.

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Remove one or many artifacts in a system

    Remove the Artifact(s) matching systemId path parameter and request body artifact(s) file name

    Note: Multiple files can be deleted by providing multiple file names at the CL (comma delimited)

    Example: --files file1.txt, file2.txt

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: application/json

    See notes above for additional information

    -
    Array (<= 4 items)
    filename
    string

    [Required] File name should match exactly one file within the provided zip file. 1000 Characters.

    -

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Artifacts Export

    The Artifacts Export endpoint provides the ability to download artifact files for a system.

    -

    Get the file of an artifact in a system

    Sample Responce
    +

    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Delete artifact files for the given System Id

    +
    Array ()
    filename
    string

    [Required] File name should match exactly one file within the provided zip file. 1000 Characters.

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Artifacts Export

    The Artifacts Export endpoint provides the ability to download artifact files for a system.

    +

    Get the file of an artifact in a system

    Sample Responce
    Binary file associated with given filename.
    If compress parameter is specified, zip archive of binary file associated with given filename.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    query Parameters
    filename
    required
    string
    Example: filename=ArtifactsExporFile.pdf

    File Name: The file name (to include file-extension).

    -
    compress
    boolean
    Default: true
    Enum: true false

    Compress File: Determines if returned file is compressed.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      }
    }

    CAC

    The Control Approval Chain (CAC) endpoints provide the ability to view the status of +

    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    query Parameters
    filename
    required
    string
    Example: filename=ArtifactsExporFile.pdf

    File Name: The file name (to include file-extension).

    +
    compress
    boolean
    Default: true

    Compress File: Determines if returned file is compressed.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      }
    }

    CAC

    The Control Approval Chain (CAC) endpoints provide the ability to view the status of Security Controls and submit them to the second stage in the Control Approval Chain.

    Notes:

      -
    • POST requests will only yield successful results if the Security Control is at the -first stage of the CAC. If the control is not at the first stage, an error will be returned.
    • +
    • POST requests will only yield successful results if the Security Control is at the first +stage of the CAC. If the control is not at the first stage, an error will be returned.
    -

    Get location of one or many controls in CAC

    Returns the location of a system's package in the Control Approval Chain (CAC) for matching systemId path parameter

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    query Parameters
    controlAcronyms
    string

    System Acronym: Filter query by given system acronym (single or comma separated).

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Submit control to second role of CAC

    Adds a Control Approval Chain (CAC) for given systemId path parameter

    -POST requests will only yield successful results if the control is currently sitting at the first +

    Get location of one or many controls in CAC

    Returns the location of a system's package in the Control Approval Chain (CAC) for matching systemId path parameter

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    query Parameters
    controlAcronyms
    string

    Control Acronym: Filter query by given system acronym (single value or comma separated).

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Submit control to second role of CAC

    Request Body Required Fields

    +
      +
    • controlAcronym
    • +
    • comments
    • +
    +

    Notes:

    +
      +
    • Comments comments are not required at the first role of the CAC but are required at the second role of +the CAC. Comments cannot exceed 10,000 characters.

      +
    • +
    • POST requests will only yield successful results if the control is currently sitting at the first role of the CAC. If the control is not currently sitting at the first role, then an error will be returned.

      -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: application/json

    Update an existing Artifact by Id

    -
    controlAcronym
    string

    [Required] System acronym name.

    -
    comments
    string

    [Conditional] Control Approval Chain comments - 2000 Characters.

    -

    Responses

    Request samples

    Content type
    application/json
    {
    • "controlAcronym": "AC-3",
    • "comments": "Control Approval Chain comments text."
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    PAC

    The Package Approval Chain (PAC) endpoints provide the ability to view the status of + + +

    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Add control(s) to second role of CAC

    +
    Array ()
    controlAcronym
    string

    [Required] System acronym name.

    +
    comments
    string

    [Conditional] Control Approval Chain comments - 2000 Characters.

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    PAC

    The Package Approval Chain (PAC) endpoints provide the ability to view the status of existing workflows and initiate new workflows for a system.

    Notes:

      -
    • If the indicated system has any active workflows, the response will include information -such as the workflow type and the current stage of each workflow.
    • +
    • If the indicated system has any active workflows, the response will include +information such as the workflow type and the current stage of each workflow.
    • If there are no active workflows, then a null data member will be returned.
    -

    Get location of system package in PAC

    Returns the location of a system's package in the Package Approval Chain (PAC) +

    Get status of active workflows in a system

    Returns the location of a system's package in the Package Approval Chain (PAC) for matching systemId path parameter

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Submit system package for review

    Adds a Package Approval Chain (PAC) for given systemId path parameter

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: application/json

    Update an existing Artifact by Id

    -
    workflow
    string
    Enum: "Assess and Authorize" "Assess Only" "Security Plan Approval"

    [Required] The PAC workflow

    -
    name
    string

    [Required] Package name. 100 Characters.

    -
    comments
    string

    [Required] Character Limit = 4,000.

    -

    Responses

    Request samples

    Content type
    application/json
    {
    • "workflow": "Assess and Authorize",
    • "name": "Package name text",
    • "comments": "Comments text."
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    CMMC Assessments

    The Cybersecurity Maturity Model Certification (CMMC) Assessments endpoint provides the ability to view CMMC assessment information. It is available to CMMC eMASS only.

    -

    Get CMMC assessment information

    Get all CMMC assessment after the given date sinceDate parameter. It is available +

    Notes:

    +
      +
    • If the indicated system has any active workflows, the response will include information +such as the workflow type and the current stage of each workflow.

      +
    • +
    • If there are no active workflows, then a null data member will be returned.

      +
    • +
    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Initiate system workflow for review

    Adds a Package Approval Chain (PAC) for given systemId path parameter

    +

    Request Body Required Fields

    +
      +
    • workflow
    • +
    • name
    • +
    • comments
    • +
    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Add system package to PAC for review

    +
    Array ()
    workflow
    string

    [Required] The PAC workflow

    +
    name
    string

    [Required] Package name. 100 Characters.

    +
    comments
    string

    [Required] Character Limit = 4,000.

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    CMMC Assessments

    The Cybersecurity Maturity Model Certification (CMMC) Assessments endpoint provides the ability to view CMMC assessment information. It is available to CMMC eMASS only.

    +

    Get CMMC assessment information

    Get all CMMC assessment after the given date sinceDate parameter. It is available to CMMC eMASS only.

    -
    Authorizations:
    query Parameters
    sinceDate
    required
    string
    Example: sinceDate=1638764040

    Date CMMC date (Unix date format)

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Static Code Scans

    The Static Code Scans endpoint provides the ability to upload application scan findings into a system's assets module. Application findings can also be cleared from the system.

    -

    Upload static code scans or Clear static code scans

    Upload or clear application scan findings into a system's systemId assets module.

    +
    Authorizations:
    query Parameters
    sinceDate
    required
    string
    Example: sinceDate=1638764040

    Date CMMC date (Unix date format)

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Static Code Scans

    The Static Code Scans endpoint provides the ability to upload application scan findings into a system's assets module. Application findings can also be cleared from the system.

    +

    Upload static code scans or Clear static code scans

    Upload or clear application scan findings into a system's systemId assets module.

    +

    Request Body Required Fields

    +
      +
    • Application Object (application)
        +
      • applicationName
      • +
      • version
      • +
      +
    • +
    • Application Findings Object Array (applicationFindings)
        +
      • codeCheckName
      • +
      • count
      • +
      • scanDate
      • +
      • cweId
      • +
      +
    • +

    Note: To clear an application's findings, use only the field clearFindings as -the Request body and set it to true.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    Request Body schema: application/json

    Update an existing Artifact by Id

    -
    object
    Array of objects (Static Code Application POST object") <= 3 items >= 1

    Responses

    Request samples

    Content type
    application/json
    {
    • "application": {
      },
    • "applicationFindings": [
      ]
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Workflow Definitions

    The Workflow Definitions endpoint provides the ability to view all workflow schemas available on the eMASS instance. Every transition for each workflow stage is included.

    -

    Get workflow definitions in a site

    View all workflow schemas available on the eMASS instance filtered by +the Request body and set it to true. Example:

    +
    [ 
    +  { 
    +    "application": { 
    +      "applicationName": "application name", 
    +      "version": "application version" 
    +    }, 
    +    "applicationFindings": [ 
    +      { "clearFindings": true } 
    +    ] 
    +  } 
    +]
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Add static code scans or Clear static code scans

    +
    object
    Array of objects (Static Code Application POST object")

    Responses

    Request samples

    Content type
    application/json
    {
    • "application": {
      },
    • "applicationFindings": [
      ]
    }

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Workflow Definitions

    The Workflow Definitions endpoint provides the ability to view all workflow schemas available on the eMASS instance. Every transition for each workflow stage is included.

    +

    Get workflow definitions in a site

    View all workflow schemas available on the eMASS instance filtered by status includeInactive and registration type registrationType.

    -
    Authorizations:
    query Parameters
    includeInactive
    boolean
    Default: true
    Enum: true false

    Include Inactive: If no value is specified, the default returns false to not include outdated workflow definitions.

    -
    registrationType
    string
    Default: "regular"

    Registration Type: Filter record by selected registration type (single value or comma delimited values).

    +
    Authorizations:
    query Parameters
    includeInactive
    boolean
    Default: true

    Include Inactive: If no value is specified, the default returns false to not include outdated workflow definitions.

    +
    registrationType
    string
    Default: "regular"

    Registration Type: Filter record by selected registration type (single value or comma delimited values).

    Available values: assessAndAuthorize, assessOnly, guest, regular, functional, cloudServiceProvider, commonControlProvider

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Workflow Instances

    The Workflow Instances endpoint provides the ability to view detailed information on all active and historical workflows for a system.

    -

    Get workflow instances in a system

    View detailed information on all active and historical workflows for a system -systemId and filtered by provided parameters.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    query Parameters
    includeComments
    boolean
    Default: true
    Enum: true false

    Include Comments: If no value is specified, the default returns true to not include +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Workflow Instances

    The Workflow Instances endpoint provides the ability to view detailed information on all active and historical workflows for an eMASS instance.

    +

    Get workflow instances in a site

    View detailed information on all active and historical workflows filtered by provided parameters.

    +
    Authorizations:
    query Parameters
    includeComments
    boolean
    Default: true

    Include Comments: If no value is specified, the default returns true to not include transition comments.

    Note: Corresponds to the Comments textbox that is required at most workflow transitions. Does not include other text input fields such as Terms / Conditions for Authorization.

    -
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns true to not include transition comments.

    -
    sinceDate
    string
    Example: sinceDate=1638764040

    Date: Filter on authorization/assessment date (Unix date format).

    +
    includeDecommissionSystems
    boolean
    Default: false

    Include Decommission Systems: If no value is specified, the default returns false to exclude decommissioned systems.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +

    Note: Pages contain 1000 workflow instances.

    +
    sinceDate
    string
    Example: sinceDate=1638764040

    Date: Filter on authorization/assessment date (Unix date format).

    Note: Filters off the lastEditedDate field.

    Note: The authorization/assessment decisions on completed workflows can be edited for up to 30 days after the initial decision is made.

    -
    status
    string
    Default: "all"
    Enum: "active" "inactive" "all"

    Status: Filter by status.

    +
    status
    string
    Default: "all"
    Enum: "active" "inactive" "all"

    Status: Filter by status.

    If no value is specified, the default returns all to include both active and inactive workflows.

    Note: Any workflows at a current stage of Complete or Cancelled are inactive. Ongoing workflows currently at other stages are active.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Get workflow instance by ID in a system

    View detailed information on all active and historical workflows for a system -systemId and workflowInstanceId.

    -
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    -
    workflowInstanceId
    required
    integer
    Example: 123

    Workflow Instance Id: The unique milestone record identifier.

    -

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }
    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ],
    • "pagination": {}
    }

    Get workflow instance by ID

    View detailed historical workflow information for workflowInstanceId.

    +
    Authorizations:
    path Parameters
    workflowInstanceId
    required
    integer
    Example: 123

    Workflow Instance Id: The unique workflow definition identifier.

    +

    Responses

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": {
      }
    }

    Cloud Resource Results

    The Cloud Resource Results endpoint provides the ability to add, update, and remove cloud resources and their scan results in the assets module for a system.

    +

    Add one or many cloud resources and their scan results

    Add cloud resources and their scan results in the assets module for a system systemId

    +

    Request Body Required Fields

    +
      +
    • provider
    • +
    • resourceId
    • +
    • resourceName
    • +
    • resourceType
    • +
    • Compliance Results Object Array complianceResults
        +
      • cspPolicyDefinitionId
      • +
      • isCompliant
      • +
      • policyDefinitionTitle
      • +
      +
    • +
    +

    Example Request Body Required Fields

    +
    [ 
    +  { 
    +    "provider": "provide name",
    +    "resourceId": "resource identification",
    +    "resourceName": "resource name",
    +    "resourceType": "resource type",
    +    "complianceResults": [ 
    +      { 
    +        "cspPolicyDefinitionId": "CSP policy definition identification",
    +        "policyDefinitionTitle": "policy definition title",
    +        "isCompliant": [true or false]
    +      } 
    +    ] 
    +  } 
    +]
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Add cloud resources and their scan results

    +
    Array ()
    provider
    string

    [Required] Cloud service provider name

    +
    resourceId
    string

    [Required] Unique identifier/resource namespace for policy compliance result

    +
    resourceName
    string

    [Required] Friendly name of Cloud resource

    +
    resourceType
    string

    [Required] Type of Cloud resource

    +
    initiatedBy
    string

    [Optional] Email of POC

    +
    cspAccountId
    string

    [Optional] System/owner's CSP account ID/number

    +
    cspRegion
    string

    [Optional] CSP region of system

    +
    isBaseline
    boolean

    [Optional] True/false flag for providing results as baseline. If true, all existing compliance results for the resourceId will be replaced by results in the current call

    +
    object

    [Optional] Informational tags associated to results for other metadata

    +
    Array of objects

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Remove one or many cloud resources in a system

    Removes cloud resources and their scan results in the assets module for a system systemId

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Delete the given Cloud Resource Id

    +
    Array ()
    resourceId
    string

    [Required] Unique item identifier

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Container Scan Results

    The Container Scan Results endpoint provides the ability to add, update, and remove containers and their scan results in the assets module for a system.

    +

    Add one or many containers and their scan results

    Add containers and their scan results in the assets module for a system systemId.

    +

    Request Body Required Fields

    +
      +
    • containerId
    • +
    • containerName
    • +
    • time
    • +
    • Bench Marks Object Array benchmarks
        +
      • benchmark
      • +
      • Results Object Array results
          +
        • ruleId
        • +
        • status
        • +
        • lastSeen
        • +
        +
      • +
      +
    • +
    +

    Example Request Body Required Fields

    +
    [
    +  {
    +    "containerId": "container identification",
    +    "containerName": "container name",
    +    "time": Datetime of scan/result (1648217219),
    +    "benchmarks": [
    +      { 
    +        "benchmark": "RHEL_8_STIG",
    +        "results": [ 
    +          { 
    +            "ruleId": "rule identification",
    +            "status": [Pass,Fail,Other,Not Reviewed,Not Checked,Not Applicable],
    +            "lastSeen": Unix date format (1648217219)
    +          }, {
    +            "ruleId": "rule identification",
    +            "status": [Pass,Fail,Other,Not Reviewed,Not Checked,Not Applicable],
    +            "lastSeen": Unix date format (1648217219)
    +          }
    +        ]
    +      }
    +    ]
    +  }
    +]
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Add containers and their scan results

    +
    Array ()
    containerId
    string

    [Required] Unique identifier of the container

    +
    containerName
    string

    [Required] Friendly name of the container

    +
    time
    integer <int64>

    [Required] Datetime of scan/result. Unix date format

    +
    podName
    string

    [Optional] Name of pod (e.g. Kubernetes pod)

    +
    podIp
    string

    [Optional] IP address of pod

    +
    namespace
    string

    [Optional] Namespace of container in container orchestration (e.g. Kubernetes namespace)

    +
    object

    [Optional] Informational tags associated to results for other metadata

    +
    Array of objects

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Remove one or many containers in a system

    Removes container scan resources and their scan results in the assets module for a system systemId

    +
    Authorizations:
    path Parameters
    systemId
    required
    integer
    Example: 35

    System Id: The unique system record identifier.

    +
    Request Body schema: application/json

    Delete the given Container Scan Id

    +
    Array ()
    containerId
    string

    [Required] Unique item identifier

    +

    Responses

    Request samples

    Content type
    application/json
    [
    • {
      }
    ]

    Response samples

    Content type
    application/json
    {
    • "meta": {
      },
    • "data": [
      ]
    }

    Dashboards

    The Dashboards endpoints provide the ability to view data contained in dashboard exports. +In the eMASS frontend, these dashboard exports are generated as Excel exports.

    +

    Each dashboard dataset available from the API is automatically updated with the current +configuration of the dashboard and the instance of eMASS as the dashboard changes.

    +

    Organization-specific fields may differ. Organization-specific Dashboards should only be +used by that organization (e.g., VA [dashboard name] should be used by VA).

    +

    System Status Dashboard

    System Status Details

    Get systems status detail dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Enterprise Terms Conditions Dashboards

    System Terms Conditions Summary

    Get systems terms conditions summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Terms Conditions Details

    Get systems terms conditions details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Enterprise Security Controls Dashboards

    System Control Compliance Summary

    Get systems control compliance summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Control Compliance Details

    Get systems security control details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Assessment Procedures Details

    Get systems assessement procdures details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Enterprise POA&M Dashboards

    System POA&M Summary

    Get systems POA&Ms summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System POA&M Details

    Get system POA&Ms details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Enterprise Artifacts Dashboards

    System Artifacts Summary

    Get system Artifacts summary information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Artifacts Details

    Get system Artifacts details information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Hardware Baseline Dashboards

    System Hardware Summary

    Get system hardware summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Hardware Details

    Get system hardware details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Enterprise Sensor-based Hardware Resources Dashboards

    System Sensor Hardware Summary

    Get system sensor hardware summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Sensor Hardware Details

    Get system sensor hardware details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Software Baseline Dashboards

    System Software Summary

    Get system software summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Software Details

    Get system software details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Enterprise Sensor-based Software Resources Dashboards

    System Sensor Software Summary

    Get system sensor software summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Sensor Software Details

    Get system sensor hardsoftwareware details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Sensor Software Counts

    Get system sensor hardsoftwareware count dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Enterprise Vulnerability Dashboards

    System Vulnerability Summary

    Get system vulnerability summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Device Findings Summary

    Get system device findings summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Device Findings Details

    Get ssystem device findings details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Ports and Protocols Dashboards

    System Ports/Protocols Summary

    Get system ports and protocols summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Ports/Protocols Details

    Get system ports and protocols details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System CONMON Integration Status Dashboard

    System CONMON Integration Status

    Get system CONMON integration status dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System Associations Dashboard

    System Associations Details

    Get system associations details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Users Dashboard

    User System Assignments Details

    Get user system assignments details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Privacy Compliance Dashboards

    System Privacy Summary

    Get user system privacy summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    VA OMB FISMA SAOP Summary

    Get VA OMB-FISMA SAOP summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System A&A Summary Dashboard

    VA System A&A Summary

    Get VA system A&A summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System A2.0 Summary Dashboard

    VA System A2.0 Summary

    Get VA system A2.0 summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    System P.L. 109 Reporting Summary Dashboard

    VA System P.L. 109 Reporting Summary

    Get VA system P.L. 109 reporting summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    FISMA Inventory Summary Dashboards

    VA System FISMA Inventory Summary

    Get VA system FISMA inventory summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    VA System FISMA Inventory Crypto Summary

    Get VA system FISMA inventory crypto summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    Threat Risks Dashboards

    VA System Threat Risks Summary

    Get VA system threat risk summary dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    VA System Threat Sources Details

    Get VA system threat source details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }

    VA System Threat Architecture Details

    Get VA system threat architecture details dashboard information.

    +
    Authorizations:
    query Parameters
    orgId
    required
    integer
    Example: orgId=1

    Organization Id: The unique organization identifier.

    +
    excludeinherited
    boolean
    Default: false

    Exclude Inherited: If no value is specified, the default returns false to include inherited data.

    +
    pageIndex
    integer
    Default: 0

    Page Index: If no value is specified, the default returns results from the first page with an index of 0.

    +
    pageSize
    integer
    Default: 20000

    Page Size: If no value is specified, the default returns 20000 per page.

    +

    Responses

    Response samples

    Content type
    application/json
    { }